A Hospital Hack Caused A Patient To Die

German police have now begun an investigation after hackers took-down the computer systems at Düsseldorf University Hospital and a woman patient died while doctors attempted to transfer her to another hospital. The female patient was suffering from a life-threatening illness and was due to have life-saving treatment, but had to be turned away on the night of 11 September by the city’s university hospital and she died after the ambulance carrying her was diverted to another hospital (20 miles) away.

Medical staff believe the woman died from the delay in treatment after hackers attacked a hospital’s computer system. 

Cologne prosecutors have now officially launched a negligent homicide case saying that the hackers could be blamed for the death. One expert said, if confirmed, it would be the first known case of a life being lost as a result of a hack.

The ransomware attack hit the hospital on the night of 9 September, scrambling data and making computer systems inoperable. Such attacks are one of the most serious threats in cybersecurity with dozens of high profile attacks so far this year. The attackers can demand large payments in crypto-currency Bitcoin in exchange for a software key that unlocks IT systems. 

Some local reports suggest the hackers did not intend to attack the hospital and in fact were trying to target a different university. Once the hackers had realised their mistake it is reported they gave the hospital the decryption key without demanding payment before disappearing.

Germany’s cyber security agency, the Federal Office for Information Security, was called in to shore up the hospital’s systems. Its chief, Arne Schönbohm, said the Citrix flaw had been known about since December 2019 and called on healthcare facilities not to delay IT security upgrades.

Ciaran Martin who stepped down as the head of Britain’s National Cyber Security Centre recently said, “If confirmed, this  tragedy would be the first case I know of, anywhere in the world, where the death of a human life can be linked in any way to a cyber-attack,” he told a Royal United Services Institute event in London.

“The bad news is that causing disruption, pain and economic harm through cyber-attack and even putting small numbers of people indirectly at risk as we’ve seen with ransomware remains too easy for my liking ... The better news is that killing large numbers of people by cyber-attack deliberately remains thankfully quite hard.... The capabilities to do it are in the hands of only a very small number of nation-states and it is currently not in the interest of any of them any more than it is to fire live rounds at their adversaries.”

Martin also said that although in his time as NCSC chief executive he never had to declare a “category one” cyber-attack, the most severe type of national incident, it did not mean they may not in the future.

BBC:       Guardian:       NY Times:    Shropshire Star

You Might Also Read: 

Easy: Hackers Take Down A Hospital:

 

« Cyber Security Should Be A Mandatory Requirement
Foreign Influence In The American Election Of 2020 Is Declining »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

Operational Center for Information Systems Security (COSSI)

Operational Center for Information Systems Security (COSSI)

COSSI is responsible for the detection and mitigation of cyber attacks directed at French Government information systems.

SafeHouse Technologies

SafeHouse Technologies

SafeHouse is a cloud-based, high-end cybersecurity platform that can secure and insure any device that is connected to it.

Belle de Mai Incubator

Belle de Mai Incubator

Belle de Mai Incubator supports and funds innovative startup ideas in digital industries.

Intercast Global

Intercast Global

Intercast's mission is to be a strategic resource to our clients in Risk Reduction. We are a global leader in cyber security staffing and consulting to the enterprise.

Sayata Labs

Sayata Labs

Sayata delivers a streamlined solution for processing cyber policies. Increase profitability with an easy and intuitive platform.

Flix11

Flix11

Flix11 is a Cyber Security & ICT Solutions focused company. We provide a range of products and services in Cyber Security, Internet of Things (IoT) and infrastructure solutions.

Periculus

Periculus

Periculus makes managing digital risk simple. Its integrated platform offers access to purchase cyber insurance and cyber security solutions uniquely tailored to fit the needs of every business.

Amvia

Amvia

Amvia is a fast-growing telecoms, Internet and Microsoft service provider. We supply voice, data and cyber security services to 100s of small and large companies.

GeoEdge

GeoEdge

GeoEdge is the premier provider of ad security and quality solutions for the online and mobile advertising ecosystem.

CYDEF

CYDEF

CYDEF provides comprehensive, state-of-the-art cybersecurity protection that is accessible and affordable to organizations of any size.

Metabase Q

Metabase Q

Metabase Q protects you from financial and reputational losses with more efficient and intelligent cybersecurity, using the best worldwide in technologies, processes and specialists.

Prophaze Technologies

Prophaze Technologies

Prophaze enable organizations and SaaS providers to improve their web application cybersecurity and reduce costs through AI automation.

SquareX

SquareX

Squarex secures your online activities without compromising productivity.

Port-IT

Port-IT

Port-IT is a leading partner in cybersecurity solutions tailored for the maritime industry.

BetterWorld Technology

BetterWorld Technology

BetterWorld Technology provides cloud solutions, managed services, SaaS, cybersecurity and virtual CIO, all customized to meet your needs.

MultiQoS

MultiQoS

MultiQoS is a software development company that provides web and mobile app development solutions. We deliver business IT solutions and related services to customers worldwide.