Hackers use the ransomware technique to block a computer network and demand a ransom to restore access to it. A first (indirect) death caused by such an attack occurred in a German hospital.
Made in cooperation with our partners at esanum.it
In recent days, the first case of death caused by a ransomware attack has been recorded. Dusseldorf University Hospital (Germany) was paralyzed by a ransomware attack and was unable to take care of a female patient in critical condition. The patient died after being diverted to a hospital in the city of Wuppertal, more than 30km from her initial destination.
The patient, who needed urgent treatment, could not be looked after in the Dusseldorf hospital because her computer systems were being held hostage by a group of hackers. The woman was rushed to a more distant hospital and died. There is a good chance that the delay in treatment affected the deteriorating condition of the patient. The German authorities are investigating to identify the hackers, who could be accused of manslaughter.
A report by the Minister of Justice of the German state of North Rhine-Westphalia reveals that the attack encrypted some 30 hospital servers with a message inviting the Heinrich Heine University, to which the Dusseldorf hospital is affiliated, to pay a ransom.
After several hours, the Dusseldorf police managed to communicate with the hackers, informing them that the attack had also hit a hospital with an emergency room, not just the university offices. The hackers then withdrew the ransom demand and provided the decryption key to unlock the servers, making themselves untraceable.
The Associated Press also reported that the entire ransomware attack on the hospital's network appears to have been an accident, with the ransom request addressed to the local university, and not directly to the hospital, which was only part of the computer network.
Hospital managers have written on Twitter that the cyber-blocking took place by exploiting a vulnerability in a "widely used commercial add-on software" that the tweet did not identify.
The question arises as to how it is possible that a computer blockade could prevent a hospital from managing emergency situations. This raises the question of to what extent hospitals today do not have critical patient management procedures in case of computer blockages.
This is not the first time a hospital has been paralyzed by a ransomware attack. In 2019 several hospitals around the world were affected by attacks that also hampered their ability to accept new patients. Three hospitals in Alabama were only able to restore their computer systems after they had paid the ransom. This also happened in Italy, at the Erba hospital, where 35,000 X-rays were made inaccessible. Also, a few weeks ago a serious cyber attack hit the Tor Vergata University in Rome, affecting equipment, software, and teams involving ongoing research on the coronavirus.
Sources:
1. Goodin D. Patient dies after ransomware attack reroutes her to remote hospital. Ars Technica. 9/17/2020
2. Cimpanu C, Day Z. First death reported following a ransomware attack on a German hospital. ZDnet. 17/9/2020
3. Marino A. In Germany the first death from ransomware: the tragedy in a clinic in Dusseldorf. Everyeye.it. 18/09/2020