First death due to ransomware attack: German hospital patient dies

First death due to ransomware attack
Written by Emma Davis

Last week, September 10, 2020, the University Hospital Düsseldorf underwent a ransomware attack that hit its network and over 30 internal servers. Perhaps the side side effect was the first death due to the ransomware attack.

Hospital officials said the attack was linked to a vulnerability in popular commercial software.

Investigators have found that the source of the problem was a hacker attack on a weak spot in “widely used commercial add-on software,” which it didn’t identify. As a consequence, systems gradually crashed and the hospital wasn’t able to access data; emergency patients were taken elsewhere and operations postponed”said clinic representatives

In turn, ZDNet notes that shortly after the attack, the German cybersecurity agency recalled the danger of the CVE-2019-19871 vulnerability discovered in Citrix products last year. This bug is considered a favorite “entry point”, which is often exploited by ransomware operators.

According to the Associated Press, because of the incident, the hospital was unable to admit a woman that needed urgent medical care, and she was redirected to another clinic, located about 30 kilometers away. As a result, the patient passed away, and this incident is now called the first death of a person due to an extortionate attack.

Currently, German law enforcement agencies are already investigating the incident.

Prosecutors launched an investigation against the unknown perpetrators on suspicion of negligent manslaughter because a patient in a life-threatening condition who was supposed to be taken to the hospital last Friday night was sent instead to a hospital in Wuppertal, a roughly 32-kilometer (20-mile) drive. Doctors weren’t able to start treating her for an hour and she died”reported in associated Press

According to local media reports, the operators of the unnamed ransomware had already withdrawn their ransom demands and provided the clinic with decryption keys when it became known that the attack, in fact, led to the closure of the hospital. Currently, the clinic staff is engaged in the restoration of damaged systems.

Interestingly, the attack on the medical facility appears to have been a mistake, according to the Associated Press and RTL news agency. The fact is that the extortionate message left by the hackers was addressed to the Heinrich Heine University of Dusseldorf, to which the hospital belongs, but not to the clinic itself.

Let me remind you that Maze and Doppel Paymer ransomware operators stated that suspended attacks on medical organizations during a pandemic, but you can hardly trust the words of criminals 100%.

User Review
0 (0 votes)
Comments Rating 0 (0 reviews)

About the author

Emma Davis

I'm writer and content manager (a short time ago completed a bachelor degree in Marketing from the Gustavus Adolphus College). For now, I have a deep drive to study cyber security.

Leave a Reply