A German ransomware attack may have resulted in the death of a woman, perhaps the first officially documented death as a result of a cyberattack that locked down hospital services. The attack, which took place last week in Dusseldorf, indirectly killed an emergency patient who had to be rerouted to an alternative hospital some 32km away in Wuppertal.
The woman, who wasn’t identified, was unable to begin emergency treatment for an hour longer than expected as a result of the detour. She died soon afterwards. The perpetrators of the attack are currently being investigated for negligent manslaughter, which was probably not the effect they were after when the hospital’s servers were first locked down.
Inevitable, still tragic
Ransomware attacks have been on the rise for years, with everyone from multinationals like Garmin and local entities like City Power being hit with attacks that encrypt databases and, generally, bring operations to a grinding halt. The normal procedure is to lock down as much of a target as possible, charging a fee for the encryption keys that will restore access and prevent the loss of revenue that not operating causes.
That was the case with the Dusseldorf attack, which saw some 30 hospital databases locked down last week Thursday, according to a report from North Rhine-Westphalia state’s justice minister. A ransom note left on one of the servers, addressed to the Heinrich Heine University, instructed recipients to get in touch. Unfortunately the hospital in question is only affiliated with the university, meaning the servers were incorrectly targeted.
Police investigators contacted the attackers who, when informed that they’d locked down a hospital, ended the attack by providing the key needed to decrypt the locked files. However, by that point the attack had already caused as least one death. This may be the the confirmed first death caused as the result of a ransomware attack on a hospital but it’s unlikely to be the last. Other attackers, rather than developing a conscience, may opt to use dying patients as additional leverage for their extortionate demands.
Source: Associated Press/SecurityWeek