[BreachExchange] European health care giant Fresenius Group grappling with computer virus

Destry Winant destry at riskbasedsecurity.com
Thu May 7 10:12:26 EDT 2020


https://www.cyberscoop.com/fresenius-health-care-cyberattack-coronavirus/

Fresenius Group, a big European health care conglomerate, said
Wednesday that a computer virus had infected at least one of its
businesses’ IT systems. It’s another sign that malicious hackers see
medical organizations as fair game despite a global health crisis.

The Germany-based corporation said the security incident had hampered
some production in its pharmaceutical business, Fresenius Kabi, which
makes everything from nutritional products and infusion therapies to
pain relievers that are in high demand during the coronavirus
pandemic.

Fresenius Group spokesperson Steffen Rinas declined to specify which
production units were affected by the malware. He did say that
Fresenius’s hospitals — said to be the largest private network in
Europe — were not affected by the incident. The company did not
specify the nature of the virus.

“As a precautionary measure in accordance with the security protocol
drawn up for such cases, steps have been taken to prevent further
spread,” Rinas said in an email. “Nevertheless, our production
continues with certain limitations. Also, our patient care continues.
Our IT experts are continuing to work on solving the problem and
ensuring that operations run as smoothly as possible.”

Reports from independent journalist Brian Krebs and German technology
news outlet Golem said the computer virus was ransomware, raising the
possibility that Fresenius would have to negotiate with hackers or
rebuild its systems.

There were also signs the malware had spread to other parts of
Fresenius’s corporate empire, which reported $38 billion in sales for
2019. The malicious code affected Fresenius’s pharmaceutical business
in Norway, according to Norwegian newspaper Halden Arbeiderblad. The
company has a factory in Halden, south of Oslo, that produces
pharmaceuticals.

Rinas, the Fresenius Group spokesperson, said the Norwegian plant was
continuing production “with certain limitations.” He declined to
elaborate.

Criminal and government-linked hackers have consistently looked to
hack health care organizations and government bodies responding to the
COVID-19 crisis. Criminals typically hack these organizations to try
to extort them; multiple ransomware attacks on companies involved in
pandemic response have been reported.

Spies, on the other hand, are looking for intelligence or to steal
information that can help treat the virus. With a vaccine for the
respiratory disease likely still many months away, U.S. and U.K.
cybersecurity officials on Tuesday warned that government-linked
hackers would continue to target medical organizations.


More information about the BreachExchange mailing list