Membership is FREE!   Professional Designations for Business & Technology Professionals

Cybersecurity

Police launch homicide inquiry after German hospital hack

2 Mins read
German police have launched a homicide investigation after a woman died during a cyber-attack on a hospital.
Hackers disabled computer systems at Düsseldorf University Hospital and the patient died while doctors attempted to transfer her to another hospital.
Cologne prosecutors officially launched a negligent homicide case this morning saying hackers could be blamed.
One expert said, if confirmed, it would be the first known case of a life being lost as a result of a hack.
The ransomware attack hit the hospital on the night of 9 September, scrambling data and making computer systems inoperable.
Such attacks are one of the most serious threats in cyber-security with dozens of high profile attacks so far this year. The attackers can demand large payments in cryptocurrency Bitcoin in exchange for a software key that unlocks IT systems.
The female patient, from Düsseldorf, was due to have scheduled life-saving treatment and was transferred to another hospital in Wuppertal which is roughly 19 miles (30km) away.
A map shows the distance from Dusseldorf to Wuppertal in Germany
Some local reports suggest the hackers did not intend to attack the hospital and in fact were trying to target a different university. Once the hackers had realised their mistake it is reported they gave the hospital the decryption key without demanding payment before disappearing.
Detectives have brought in cyber-security experts to ascertain whether there is a link between the hack and the patient’s death, with the hospital also likely to be investigated.
Germany’s national cyber-security authority says it is on site at the hospital helping the hospital’s IT staff rebuild systems.
Its president Arne Schönbohm said hackers took advantage of a well-known vulnerability in a piece of VPN (virtual private network) software developed by Citrix, and warned other organisations to protect themselves from the flaw.
“We warned of the vulnerability as early as January and pointed out the consequences of its exploitation. Attackers gain access to the internal networks and systems and can still paralyse them months later.
“I can only stress that such warnings should not be ignored or postponed, but need appropriate measures immediately. The incident shows once again how seriously this risk must be taken.”
Former chief executive of the UK’s National Cyber Security Centre Ciaran Martin said: “If confirmed, this tragedy would be the first known case of a death directly linked to a cyber-attack. It is not surprising that the cause of this is a ransomware attack by criminals rather than an attack by a nation state or terrorists.
“Although the purpose of ransomware is to make money, it stops systems working. So if you attack a hospital, then things like this are likely to happen. There were a few near misses across Europe earlier in the year and this looks, sadly, like the worst might have come to pass.”
Last month, technology giant Garmin is understood to have paid hackers a multi-million pound sum after its IT and production systems were taken offline in a ransomware attack.
Law enforcement agencies encourage victims not to pay ransoms arguing it fuels organised cyber-crime operations.
Related posts
Cloud ComputingCybersecurity

DOD to move 18M biometric records on ‘threat actors’ to AWS’s cloud

1 Mins read
The Department of Defense wants to modernize an 18-million-record system of biometric data on adversaries by moving it to Amazon Web Service‘s cloud, the department indicated…
Cybersecurity

84 percent of Canadians wary of interacting with organizations hit by data breach: report

1 Mins read
54 percent of respondents said they have received ‘a lot more’ suspicious emails in the last six months A new study from…
Cybersecurity

FBI ‘Drive-By’ Hacking Threat Just Got Real: Here’s Why You Should Be Concerned

2 Mins read
Warnings that our IoT devices might be spying on us are nothing new—remember the smart speaker fiasco last year? But at least we…
Join BIZTEK

Yes, I have read and live by this Code of Ethics - https://biztek.org/code-of-ethics/. We are BIZTEK, located in Mississauga, Ontario. Business Certification is an important part of doing business in Canada. Join us to set new standards and professionalism to the technology sector. We will email you regarding issues that affect business and technology professionals in Canada. Contact us at info@biztek.org or call us at 647 499 2744. You can unsubscribe at any time.