In an unusual case, a German woman died of ransomware. German police have launched a homicide case against the hackers.
In a first of it is kind, a female patient from Dusseldorf, Germany, due to getting a life-saving treatment died as a result of a cyber-attack at Dusseldorf University Hospital which resulted in locking the systems across the hospital.
The incident took place on September 10, 2020, when hackers got into the systems of the hospital provided by Citrix Applications. Citrix applications had a known vulnerability since December last year which was patched in January 2020. The vulnerability lies in the VPN products of the company.
BSI, The Federal Office for Information Security has reported many breach incidents related to Citrix vulnerability last year. BSI also offered its security consultation to the university hospital for immediate rebuilding the system and securing the servers of the hospital. The applications which were breached before the security patch are yet accessible by hackers even after the gap is filled by the company reported BSI.
“We warned of the vulnerability back in January and pointed out the consequences of its exploitation. Attackers gain access to internal networks and systems and can paralyze them months later. I can only urge you not to ignore or postpone such warnings but to take appropriate action immediately. The incident shows once again how seriously this danger must be taken. This is one of the reasons why the Federal Government has provided in the draft of the Hospital Future Act that at least 15 percent of the funding applied for must be used for measures to improve information security, ”explains BSI President Arne Schönbohm.
A negligent homicide case has been launched by the cologne prosecutor blaming the hackers. The ransomware hit the hospital on the 9th of September scrambling data and making computer systems inoperable.
However, reports suggest that the target was not the university hospital but some other university and so as soon as the mistake came into notice, hackers provided the decryption key without demanding any ransom and flee away leaving no trace as of now.
As a result of the attack, the women had to be transferred to another hospital about 19 miles away to a hospital in Wuppertal which led to her death.
According to UK’s National Cyber Security Center former chief Ciaran Martin, this is the first incident of cyber-attack which led to the death of a person. Hospital is also under lens after the horrific incident.
Even though the vulnerability was patched in January this year, some systems are still affected by the exploitation. Activities like data encryption, accessing confidential information, access to internal network can be established.
According to data compiled by Emisoft in 2019, 764 healthcare providers were compromised by ransomware in the USA alone. Incident of rerouting the patients is not new either.
Users of Citrix Gateways and Citrix Application Delivery Controller are advised to check their systems and network for any possible flaw. It is advisable to take consultation from IT security experts in case your own team lacks expertise.
Ransomware attacks are on the rise and can cost a fortune to the compromised organization. It is always better to be safe. It is also necessary to respond quickly in case of any compromise. Below are some tips to follow as rapid response measures
- Isolate the affected systems on top priority
- Secure your backup
- Hault all the maintenance tasks at once
- Identify the malware strain. Ransom identifiers are available for free.