SECURITY
SECURITY
SECURITY
German patient dies after being diverted from hospital hit by ransomware attack
A German woman has died after being diverted from a hospital that had suffered a ransomware attack, allegedly the first death attributed directly to such an attack.
The ransomware attack targeted the Duesseldorf University Hospital Sept. 10, resulting in critical systems at the hospital being shut down. As a result of the outage, patients seeking emergency care were diverted to a hospital in Wuppertal, 32 kilometers (20 miles) away. The diversion delayed treatment of the woman by about an hour and doctors were unable to treat her in time to save her.
The form of ransomware used in the attack was not disclosed, but local officials said that it affected 30 servers. The ransomware infection path is said to have involved the attackers exploiting a vulnerability in a “widely used commercial add-on software.” Ars Technica reported that around the same time, the CERT-Bund, the German cybersecurity authority, tweeted a link to a security advisory from January relating to a critical vulnerability in the Citrix application delivery controller.
Data was encrypted on affected servers, but atypically for a ransomware attack, a set ransom was not demanded. Those behind the attack instead asked for the addresses to get in touch. According to the Associated Press, the letter was addressed to the Heinrich Heine University, which the Duesseldorf hospital is affiliated with but not to the hospital.
Authorities then reached out to those behind the attack and told them that the hospital and not the university had been affected, endangering patient lives. Perhaps proving that sometimes cybercriminals do have a heart, the perpetrators withdrew their demands for a ransom and provided a key to decrypt the data.
German authorities have launched an investigation against those behind the ransomware attack on suspicion of negligent manslaughter.
Ransomware attacks targeting hospitals have been increasing this year amid the COVID-19 pandemic. Fresenius SE & Co. KGaA, Europe’s largest private hospital operator, was hit by ransomware that limited the use of some of its systems in May.
Photo: Wiegels/Wikimedia Commons
A message from John Furrier, co-founder of SiliconANGLE:
Support our mission to keep content open and free by engaging with theCUBE community. Join theCUBE’s Alumni Trust Network, where technology leaders connect, share intelligence and create opportunities.
- 15M+ viewers of theCUBE videos, powering conversations across AI, cloud, cybersecurity and more
- 11.4k+ theCUBE alumni — Connect with more than 11,400 tech and business leaders shaping the future through a unique trusted-based network.
About SiliconANGLE Media
SiliconANGLE Media is a recognized leader in digital media innovation, uniting breakthrough technology, strategic insights and real-time audience engagement. As the parent company of SiliconANGLE, theCUBE Network, theCUBE Research, CUBE365, theCUBE AI and theCUBE SuperStudios — with flagship locations in Silicon Valley and the New York Stock Exchange — SiliconANGLE Media operates at the intersection of media, technology and AI.
Founded by tech visionaries John Furrier and Dave Vellante, SiliconANGLE Media has built a dynamic ecosystem of industry-leading digital media brands that reach 15+ million elite tech professionals. Our new proprietary theCUBE AI Video Cloud is breaking ground in audience interaction, leveraging theCUBEai.com neural network to help technology companies make data-driven decisions and stay at the forefront of industry conversations.
