The first reported death from a cyberattack occurred in Germany last month.
According to reports, a ransomware attack crashed 30 servers at University Hospital Düsseldorf, forcing the facility to turn away emergency patients.
A woman died from treatment delays when she was diverted from the Düsseldorf hospital to another 20 miles away.
It is not clear whether University Hospital Düsseldorf’s systems were the primary target, or if the hospital got caught in an attack on the university, according to authorities.
Regardless of this incident’s motive, hospitals have been a prime target for cybercriminals because they rely on IT systems for critical activities. When computers go down in an attack, it creates urgency.
“Hospitals can’t afford downtime, which means they may be more likely to pay — and quickly with minimal negotiation — to restore their services,” said Brett Callow, a threat analyst at security firm Emsisoft, to The New York Times. “That makes them a prime target.”
According to The New York Times, “the most aggressive reported attacks on health care facilities to date were North Korea’s 2017 “WannaCry” ransomware attack, which froze British hospitals and forced doctors to cancel surgeries and turn patients away, and a Russian “NotPetya” attack one month later, which forced hospitals in rural Virginia and across Pennsylvania to turn away patients whose records they could no longer access.”
“This (death) was absolutely inevitable,” Callow said to The NY Times. “We are fortunate it hasn’t happened sooner.”
A record 764 American health care providers were hit by ransomware in 2019, according to reports.
The FBI continues to advise ransomware victims not to pay to unlock their data. However, a 2019 report by ProPublica found that cyber insurance is helping fuel more ransomware attacks.
“The onus isn’t on the insurance company to stop the criminal, that’s not their mission. Their objective is to help you get back to business. But it does beg the question, when you pay out to these criminals, what happens in the future?” Loretta Worters, a spokeswoman for the Insurance Information Institute, said to ProPublica.
Ransom payouts have encouraged cybercriminals as they have upped their demands in recent years.
Germany’s Federal Agency for Security said the Düsseldorf attackers breached the hospital using a software hole that had been patched last January. The hospital had failed to update its software.
German prosecutors are investigating possible manslaughter charges against the hackers, but it is unlikely any arrests will be made.
Chivaroli and Associates Insurance Services is a full-service brokerage firm specializing in the custom-design and placement of insurance and alternative risk funding solutions for your healthcare organization.