Ransomware Turns Deadly When Hospital is Hit by Cyber Attack

By:  |  Category: Blog, Security Monday, September 21st, 2020  |  No Comments
Ramsomware

Ransomware has always been a costly evil–but now it’s turned deadly.

German authorities last week shared that a ransomware attack on the University Hospital of Düsseldorf (UKD) led to a disruption of IT systems, culminating in the death of a woman who had to be sent to another hospital that was location 20 miles away.

This incident is the first recorded casualty as a direct consequence of a cyber assault on critical healthcare facilities, which has dramatically increased in recent months.

The cyber attack, which exploited a vulnerability in the hospital’s Citrix system-ADC CVE-2019-19781 on September 10, was apparently “misdirected” in that it was originally intended for Heinrich Heine University, according to an extortion note left by the perpetrators.

The police then reached out to the hackers to let them know that they had encrypted a hospital, and fortunately, the bad responsible for the attack withdrew the ransom demand and provided the decryption key.

The case is currently being classified as a homicide, BBC News reported.

As I’ve previously written about, several ransomware gangs early on during Covid declared they would not target hospitals and medical facilities, but with this recent attack Interpol has issued a warning cautioning hospitals against ransomware attacks designed to lock them out of their critical systems in an attempt to extort payments.

How do they get in?

Weak credentials and VPN vulnerabilities are usually the door off access to hackers trying to break into the internal networks of businesses and organizations.

“The [Federal Office for Information Security] is becoming increasingly aware of incidents in which Citrix systems were compromised before the security updates that were made available in January 2020 were installed,” the German cybersecurity agency said in an alert last week.

“This means that attackers still have access to the system and the networks behind it even after the security gap has been closed. This possibility is currently increasingly being used to carry out attacks on affected organizations.”

If your business needs a secure cyber resilience plan contact EnhancedTECH at714-970-9330.

Source: BBC News

Image Source: https://www.pexels.com/photo/woman-in-white-shirt-standing-near-glass-window-inside-room-127873/

Samantha Keller
Leave a Comment
Read previous post:
Vishing
Newest “Vishing” Scam Poses as Spectrum Health Employees

Has someone you don’t know called you recently to ask for personal information? The answer is most likely a yes,...

Close