UPDATED 20:30 EDT / SEPTEMBER 17 2020

ransomhospital SECURITY

German patient dies after being diverted from hospital hit by ransomware attack

A German woman has died after being diverted from a hospital that had suffered a ransomware attack, allegedly the first death attributed directly to such an attack.

The ransomware attack targeted the Duesseldorf University Hospital Sept. 10, resulting in critical systems at the hospital being shut down. As a result of the outage, patients seeking emergency care were diverted to a hospital in Wuppertal, 32 kilometers (20 miles) away. The diversion delayed treatment of the woman by about an hour and doctors were unable to treat her in time to save her.

The form of ransomware used in the attack was not disclosed, but local officials said that it affected 30 servers. The ransomware infection path is said to have involved the attackers exploiting a vulnerability in a “widely used commercial add-on software.” Ars Technica reported that around the same time, the CERT-Bund, the German cybersecurity authority, tweeted a link to a security advisory from January relating to a critical vulnerability in the Citrix application delivery controller.

Data was encrypted on affected servers, but atypically for a ransomware attack, a set ransom was not demanded. Those behind the attack instead asked for the addresses to get in touch. According to the Associated Press, the letter was addressed to the Heinrich Heine University, which the Duesseldorf hospital is affiliated with but not to the hospital.

Authorities then reached out to those behind the attack and told them that the hospital and not the university had been affected, endangering patient lives. Perhaps proving that sometimes cybercriminals do have a heart, the perpetrators withdrew their demands for a ransom and provided a key to decrypt the data.

German authorities have launched an investigation against those behind the ransomware attack on suspicion of negligent manslaughter.

Ransomware attacks targeting hospitals have been increasing this year amid the COVID-19 pandemic. Fresenius SE & Co. KGaA, Europe’s largest private hospital operator, was hit by ransomware that limited the use of some of its systems in May.

Photo: Wiegels/Wikimedia Commons

Since you’re here …

Show your support for our mission with our one-click subscription to our YouTube channel (below). The more subscribers we have, the more YouTube will suggest relevant enterprise and emerging technology content to you. Thanks!

Support our mission:    >>>>>>  SUBSCRIBE NOW >>>>>>  to our YouTube channel.

… We’d also like to tell you about our mission and how you can help us fulfill it. SiliconANGLE Media Inc.’s business model is based on the intrinsic value of the content, not advertising. Unlike many online publications, we don’t have a paywall or run banner advertising, because we want to keep our journalism open, without influence or the need to chase traffic.The journalism, reporting and commentary on SiliconANGLE — along with live, unscripted video from our Silicon Valley studio and globe-trotting video teams at theCUBE — take a lot of hard work, time and money. Keeping the quality high requires the support of sponsors who are aligned with our vision of ad-free journalism content.

If you like the reporting, video interviews and other ad-free content here, please take a moment to check out a sample of the video content supported by our sponsors, tweet your support, and keep coming back to SiliconANGLE.