Last week, a historic day came and went, and not in a good way. A ransomware attack on a hospital in Dusseldorf<\/a> in Germany resulted in the death of a patient who had to be rerouted to another hospital 30km away and died as a result of the delay. The police have opened a negligent manslaughter investigation into this death. If they determine the patient would have survived without the delay caused by the attack, the hackers could be charged with homicide. If they can be found that is.<\/p>\n\n\n\n
Back to Dusseldorf Hospital and another twist in the tale. The hospital was not the intended target for this ransomware attack. The ransom note was addressed to a different institution entirely. When the hackers realised their mistake, they gave the hospital the decryption key without asking for a ransom, and then disappeared. If this was a genuine mistake, it looks like it was a deadly one. <\/p>\n\n\n\n
Why wasn\u2019t the hospital the target of the ransomware attack? Is there such a thing as a code of ethics among hackers that believes that hospitals are out of bounds? Were they one of the hacker groups who announced they would not attack hospitals during the Covid-19 pandemic<\/a>? Not that the ceasefire lasted long as others took advantage<\/a> of the situation, with increasing numbers of attacks on hospitals as the pandemic continues.\u00a0<\/p>\n\n\n\n
Sadly though, this viewpoint is changing as hackers are tempted by the easy target that many hospitals present (remember WannaCry<\/a>?).<\/p>\n\n\n\n
The hospital is also under investigation as to how they were hacked in the first place. The attackers gained access to the hospital\u2019s systems through a vulnerability in a popular VPN software provided by a well-known company. Germany\u2019s national cybersecurity agency had warned that this software was vulnerable to attack as long ago as January.<\/p>\n\n\n\n
Ransomware attackers are known for their incredible patience. Once they have access to an organisation\u2019s systems, they may lie quietly in wait until the best possible time to unleash their attack. It may take months or even years, and the victim may never even know they are there until it is too late.<\/p>\n\n\n\n
So what can an organisation do when it is notified that their systems are vulnerable to cyber attack?<\/p>\n\n\n\n
One approach is to get on top of the situation as quickly as possible by implementing cyber security measures and best practices. Once there is a warning of a specific threat, an infrastructure security assessment<\/a> of all their systems will enable them to understand their vulnerabilities to attack. <\/p>\n\n\n\n
As with medicine, it is cheaper to stop a virus as soon as possible before it becomes a full blown pandemic (pun intended). Protect your systems<\/a> and stay safe.<\/p>\n","protected":false},"excerpt":{"rendered":"