(ORDO NEWS) — Securityweek portal citing Associated Press, on Thursday, September 10, thirty servers of the University Hospital of Dusseldorf were encrypted by cybercriminals. Unknown persons got into the internal network by attacking one of the clinic’s computers using a flaw in widely used commercial software (the name of the software was not specified) and demanded a ransom.
Moreover, the “note” with the method of communication with the hackers and without specifying the amount of the required amount came to the address of the Heinrich Heine University of Dusseldorf, in whose subordination the healthcare institution is located.
Doctors and local IT specialists immediately contacted the police and then began to restore the functionality of all systems. Law enforcement officers were able to contact the cybercriminals and informed them that they blocked the work of a large hospital. Apparently, the target of the hackers was the institute, not the clinic, because they immediately provided the keys to decrypt all the files.
It took several hours to fix the basic problems and return to the operability of all computerized equipment. All this time, patients were redirected to other medical facilities, and operations had to be postponed. Fortunately, there were no signs of theft or loss of patient data, and the hospital was fully operational by Friday morning.
But this is all good news, the end of the story is sad – while the police and IT specialists were restoring the digital infrastructure of the hospital, one patient could not be admitted on time and was sent 32 kilometers away to a nearby suitable hospital in Wuppertal. Unfortunately, the total delay in providing assistance was about an hour, which, taking into account the serious condition of the patient, was critical and she died.
A criminal case was opened against the hackers by the Ministry of Justice of the state of North Rhine-Westphalia – they are facing prison for negligent murder. Nothing is known about the progress of the investigation; representatives of the security agencies only reported that there was no more communication with the attackers.
Recall that the largest Israeli microelectronics manufacturer Tower Semiconductor recently suffered a similar attack and its management had to pay the hackers the required amount to resume work. And at the end of the summer, a scandalous story about how an attacker tried to bribe a Tesla Gigafactory employee in the United States to smuggle inside a drive with a Trojan became public.
Contact us: [email protected]