Last week, September 10, 2020, the University Hospital Düsseldorf underwent a ransomware attack that hit its network and over 30 internal servers. Perhaps the side side effect was the first death due to the ransomware attack.
Hospital officials said the attack was linked to a vulnerability in popular commercial software.
In turn, ZDNet notes that shortly after the attack, the German cybersecurity agency recalled the danger of the CVE-2019-19871 vulnerability discovered in Citrix products last year. This bug is considered a favorite “entry point”, which is often exploited by ransomware operators.
According to the Associated Press, because of the incident, the hospital was unable to admit a woman that needed urgent medical care, and she was redirected to another clinic, located about 30 kilometers away. As a result, the patient passed away, and this incident is now called the first death of a person due to an extortionate attack.
Currently, German law enforcement agencies are already investigating the incident.
According to local media reports, the operators of the unnamed ransomware had already withdrawn their ransom demands and provided the clinic with decryption keys when it became known that the attack, in fact, led to the closure of the hospital. Currently, the clinic staff is engaged in the restoration of damaged systems.
Interestingly, the attack on the medical facility appears to have been a mistake, according to the Associated Press and RTL news agency. The fact is that the extortionate message left by the hackers was addressed to the Heinrich Heine University of Dusseldorf, to which the hospital belongs, but not to the clinic itself.
Let me remind you that Maze and Doppel Paymer ransomware operators stated that suspended attacks on medical organizations during a pandemic, but you can hardly trust the words of criminals 100%.
