{"id":6587,"date":"2020-09-23T15:36:19","date_gmt":"2020-09-23T15:36:19","guid":{"rendered":"https:\/\/outofsite.biz\/cynance\/?p=6587"},"modified":"2020-09-23T15:36:20","modified_gmt":"2020-09-23T15:36:20","slug":"warning-ransomware-attacks-may-cost-lives","status":"publish","type":"post","link":"https:\/\/outofsite.biz\/cynance\/warning-ransomware-attacks-may-cost-lives\/","title":{"rendered":"Warning: Ransomware attacks may cost lives"},"content":{"rendered":"\n
Last week, a historic day came and went, and not in a good way. A ransomware attack on a hospital in Dusseldorf<\/a> in Germany resulted in the death of a patient who had to be rerouted to another hospital 30km away and died as a result of the delay. The police have opened a negligent manslaughter investigation into this death. If they determine the patient would have survived without the delay caused by the attack, the hackers could be charged with homicide. If they can be found that is.<\/p>\n\n\n\n The ransomware attack on 9th September infected more than 30 servers, encrypted the hospital\u2019s data, and took down computer systems. It closed the hospital to emergencies, rerouting all incoming patients to other hospitals in the region, and postponing other visits and appointments.<\/p>\n\n\n\n Many hospitals have been victims of a ransomware attack in the last few years. Hospitals are particularly vulnerable to a ransomware attack because they do not have any tolerance at all to being offline, making them likely to pay the requested ransom. More and more medical equipment is connected to the internet, and a cyberattack will close these pieces of equipment down, putting lives in danger. <\/p>\n\n\n\n Back to Dusseldorf Hospital and another twist in the tale. The hospital was not the intended target for this ransomware attack. The ransom note was addressed to a different institution entirely. When the hackers realised their mistake, they gave the hospital the decryption key without asking for a ransom, and then disappeared. If this was a genuine mistake, it looks like it was a deadly one. <\/p>\n\n\n\n Why wasn\u2019t the hospital the target of the ransomware attack? Is there such a thing as a code of ethics among hackers that believes that hospitals are out of bounds? Were they one of the hacker groups who announced they would not attack hospitals during the Covid-19 pandemic<\/a>? Not that the ceasefire lasted long as others took advantage<\/a> of the situation, with increasing numbers of attacks on hospitals as the pandemic continues.\u00a0<\/p>\n\n\n\n A ransomware attack, like a physical raid on a hospital in the past, leaves the hospital unable to run their services, and many hackers don\u2019t want to be held directly responsible for deaths. They may also be guided by more self-serving rules. After all, the hackers, their friends, or families may also need urgent healthcare at any time, possibly from that very hospital.<\/p>\n\n\n\n Sadly though, this viewpoint is changing as hackers are tempted by the easy target that many hospitals present (remember WannaCry<\/a>?).<\/p>\n\n\n\n The hospital is also under investigation as to how they were hacked in the first place. The attackers gained access to the hospital\u2019s systems through a vulnerability in a popular VPN software provided by a well-known company. Germany\u2019s national cybersecurity agency had warned that this software was vulnerable to attack as long ago as January.<\/p>\n\n\n\n Ransomware attackers are known for their incredible patience. Once they have access to an organisation\u2019s systems, they may lie quietly in wait until the best possible time to unleash their attack. It may take months or even years, and the victim may never even know they are there until it is too late.<\/p>\n\n\n\n So what can an organisation do when it is notified that their systems are vulnerable to cyber attack?<\/p>\n\n\n\n One approach is to get on top of the situation as quickly as possible by implementing cyber security measures and best practices. Once there is a warning of a specific threat, an infrastructure security assessment<\/a> of all their systems will enable them to understand their vulnerabilities to attack. <\/p>\n\n\n\n The infrastructure security assessment assesses their systems\u2019 architecture, and reviews every layer of the organisation\u2019s security from perimeter defenses\u00a0 down to workstations and how data is protected. The assessment will even evaluate software bought from another supplier – for example a well known VPN, discovering a piece of silent code waiting inside a system for the opportunity to attack.<\/p>\n\n\n\nA tragic comedy of errors<\/h2>\n\n\n\n
Ransomware attack warnings are there to be taken seriously<\/h2>\n\n\n\n
Get ahead of the attackers<\/h2>\n\n\n\n