Other issues in this category (13)
Don't believe them, don't be afraid, and protect yourselves
Thursday, April 15, 2021
Do you remember reading news stories about how criminals are opting not to carry out attacks against hospitals? And since that’s the case, why should these institutions protect their systems if hackers are so noble?
But criminals should never be believed—they continued their attacks and hospital equipment stopped working. Sooner or later, that had to lead to a sad result.
A patient who required emergency medical care could not be admitted to a hospital in Dusseldorf since their employees were eliminating the aftermath of an encryption ransomware attack that had compromised its network and infected over 30 internal servers.
The woman died after she was re-routed to a hospital in the city of Wuppertal, more than 30 km away from her initial intended destination, University Hospital Dusseldorf.
According to this tweet, hospital officials blamed the ransomware infection on a vulnerability in a widely used commercial software program.
One day earlier, BSI (the German cyber security agency) suddenly issued an alert in which it asked German companies to update their Citrix network gateways to eliminate the CVE-2019-19871 vulnerability, a known point of entry for ransomware programs.
The Associated Press also reported that the entire attack on the hospital network appeared to be an unsuccessful attempt to threaten a local university (Heinrich Heine University Dusseldorf), and the hospital was just a part of a larger network.
For some period, the hospital suffered difficulties while restoring the systems. Elective and outpatient treatment has been stopped or postponed.
The University Hospital Dusseldorf has had to significantly minimise the number of surgeries it performs—from 70-120 per day to only 10-15 per day.
The Anti-virus Times recommends
Noble highwaymen are more likely to be encountered in literary works, not in real life. What such "nobility" among cybercriminals proves to be is no secret.
So the conclusion is simple: what can be attacked—will be attacked. Including hospitals if they are vulnerable.