Security News

The Doppelpaymer ransomware gang were behind the cyber-attack on a German hospital that led to one patient's death, according to local sources. The Aachener Zeitung newspaper carried a report from the German Press Association that Doppelpaymer's eponymous ransomware had been introduced to the University Hospital Düsseldorf's network through a vulnerable Citrix product.

German authorities probing a cyber attack on a hospital's IT system that led to a fatal delay in treatment for a critically ill woman believe the software used can be traced back to Russian hackers. In an update to lawmakers published on Tuesday, prosecutors wrote that hackers used malware known as "Doppelpaymer" to disable computers at Duesseldorf University Hospital on September 10, aiming to encrypt data and then demand payment to unlock it again.

German authorities last week disclosed that a ransomware attack on the University Hospital of Düsseldorf caused a failure of IT systems, resulting in the death of a woman who had to be sent to another hospital that was 20 miles away. The attack, which exploited a Citrix ADC CVE-2019-19781 vulnerability to cripple the hospital systems on September 10, is said to have been "Misdirected" in that it was originally intended for Heinrich Heine University, according to an extortion note left by the perpetrators.

A woman in Germany died after a ransomware infection prevented her hospital from giving her emergency treatment. The unnamed patient died en route to a hospital in another city after she was unable to get treatment in Düsseldorf due to the malware affecting computer systems.

German authorities said Thursday that what appears to have been a misdirected hacker attack caused the failure of IT systems at a major hospital in Duesseldorf, and a woman who needed urgent admission died after she had to be taken to another city for treatment. As a consequence, systems gradually crashed and the hospital wasn't able to access data; emergency patients were taken elsewhere and operations postponed.

Healthcare data breaches have fallen this year but could surge over the next few months as hospital records remain a top target, says CI Security. Published on Thursday, "The Healthcare Data Breach Report" specifically looks at data breaches reported by healthcare organizations from January through June 2020.

A dozen vulnerabilities have been found in OpenClinic GA, a popular open source hospital management system, including flaws that can be exploited to access sensitive information or install malware on the hosting server. OpenClinic GA is described as an "Integrated hospital information management system covering management of administrative, financial, clinical, lab, x-ray, pharmacy, meals distribution and other data." The product is used worldwide and it has been downloaded nearly 120,000 times from SourceForge.

Japanese car maker Honda has been hit by ransomware that disrupted its production of vehicles and also affected internal communications, according to reports. Some Honda factories around the world were forced to suspend production, though output from Turkey, India, USA and Brazil locations remain on hold at the time of writing.

They illustrate how insecure devices increase the cyber attack surface and pose a significant risk to the operational continuity of hospitals and patient safety. Say, in terms of regulations post-COVID, are you seeing any government movement in that direction? Making sure hospitals are better prepared for the day after COVID? Do you see hospitals actually better prepared for the next pandemic following this crisis?

A cybercriminal gang have been arrested for spreading the Locky ransomware among hospitals, among other crimes. These attacks were directed against several public institutions both in Bucharest and elsewhere, and more were planned.