A Hospital Hack Caused A Patient To Die

Uploaded on 2020-09-21 in GOVERNMENT-Law Enforcement, FREE TO VIEW, BUSINESS-Services-Health & Welfare, TECHNOLOGY--Hackers

German police have now begun an investigation after hackers took-down the computer systems at Düsseldorf University Hospital and a woman patient died while doctors attempted to transfer her to another hospital. The female patient was suffering from a life-threatening illness and was due to have life-saving treatment, but had to be turned away on the night of 11 September by the city’s university hospital and she died after the ambulance carrying her was diverted to another hospital (20 miles) away.

Medical staff believe the woman died from the delay in treatment after hackers attacked a hospital’s computer system. 

Cologne prosecutors have now officially launched a negligent homicide case saying that the hackers could be blamed for the death. One expert said, if confirmed, it would be the first known case of a life being lost as a result of a hack.

The ransomware attack hit the hospital on the night of 9 September, scrambling data and making computer systems inoperable. Such attacks are one of the most serious threats in cybersecurity with dozens of high profile attacks so far this year. The attackers can demand large payments in crypto-currency Bitcoin in exchange for a software key that unlocks IT systems. 

Some local reports suggest the hackers did not intend to attack the hospital and in fact were trying to target a different university. Once the hackers had realised their mistake it is reported they gave the hospital the decryption key without demanding payment before disappearing.

Germany’s cyber security agency, the Federal Office for Information Security, was called in to shore up the hospital’s systems. Its chief, Arne Schönbohm, said the Citrix flaw had been known about since December 2019 and called on healthcare facilities not to delay IT security upgrades.

Ciaran Martin who stepped down as the head of Britain’s National Cyber Security Centre recently said, “If confirmed, this  tragedy would be the first case I know of, anywhere in the world, where the death of a human life can be linked in any way to a cyber-attack,” he told a Royal United Services Institute event in London.

“The bad news is that causing disruption, pain and economic harm through cyber-attack and even putting small numbers of people indirectly at risk as we’ve seen with ransomware remains too easy for my liking ... The better news is that killing large numbers of people by cyber-attack deliberately remains thankfully quite hard.... The capabilities to do it are in the hands of only a very small number of nation-states and it is currently not in the interest of any of them any more than it is to fire live rounds at their adversaries.”

Martin also said that although in his time as NCSC chief executive he never had to declare a “category one” cyber-attack, the most severe type of national incident, it did not mean they may not in the future.

BBC:       Guardian:       NY Times:    Shropshire Star

You Might Also Read: 

Easy: Hackers Take Down A Hospital:

 

« Cyber Security Should Be A Mandatory Requirement
Foreign Influence In The American Election Of 2020 Is Declining »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Innotec Security

Innotec Security

Innotec Security is a Spanish company specializing in cybersecurity-as-a-service, cyber resilience and cyber risk management.

SecureKey Technologies

SecureKey Technologies

SecureKey is a leading identity and authentication provider that simplifies consumer access to online services and applications.

CyberGuarded

CyberGuarded

CyberGuarded are an accredited vendor independent information security testing and auditing company.

Zuratrust

Zuratrust

Zuratrust provide protection for all kinds of email related cyber attacks.

Security BSides

Security BSides

Security BSides is the first grass roots, DIY, open security conference in the world!. BSides is a community-driven framework for building events for and by information security community members.

Resilience Cyber Insurance Solutions

Resilience Cyber Insurance Solutions

Resilience Cyber Insurance combines insurance expertise with cybersecurity and data talent to deliver clear, effective solutions to protect you for the cyberrisks of today—and tomorrow.

Nitrokey

Nitrokey

Nitrokey is the world-leading company in open source security hardware. Nitrokey develops IT security hardware for data encryption, key management and user authentication.

NARIS

NARIS

NARIS is the leading provider of an integrated Governance, Risk and Compliance platform called NARIS GRC.

FourthRev

FourthRev

FourthRev is an education-technology start-up with a mission to solve the skills crisis of the Fourth Industrial Revolution.

Apono

Apono

Apono enables DevOps and security teams to manage access to sensitive cloud assets and data repositories in a frictionless and compliant way.

AB Handshake

AB Handshake

AB Handshake offers a game-changing solution for telecom service providers that eliminates fraud on inbound and outbound voice traffic.

Pessimistic Security

Pessimistic Security

The team behind Pessimistic helps blockchain startups meet modern security challenges since 2017.

Northdoor

Northdoor

Northdoor provides a comprehensive set of services around information security and works with leading global technology vendors to deploy and manage cyber security solutions.

Sidcon International Consulting Company

Sidcon International Consulting Company

SIDCON International Consulting Company has been providing consulting services since 2002 for private and public organizations in Ukraine and other countries.

Emerge Digital

Emerge Digital

Emerge Digital is a technology and digital innovation business and Managed Services Provider providing solutions to SMEs.

Stratsec

Stratsec

Stratsec is a global team of experts on a mission to protect human life, well-being and the environment against cyber-driven threats.