Authorities are investigating the death of a hospital patient during a ransomware attack that is reported to have taken place last week. The attack took place at a hospital in the German city of Duesseldorf with the fatal incident marking the first-ever reported death caused by a ransomware attack.
Ransomware is a type of malware that often threatens to publish a victim's personal data unless a ransom is paid. More advanced forms of ransomware use a technique called cryptoviral extortion, in which the malware encrypts its victim's files, making them inaccessible, then demands a ransom payment in order to decrypt them. Last week's attack took place at Duesseldorf University Hospital, and it appears the ransomers did more collateral damage than initially intended.
According the the report from ZDNet, a female patient was in need of urgent medical care and died after being-rerouted to a different hospital nearly 20 miles from the Duesseldorf University Hospital. The initial hospital could not receive and treat the patient because it was having to deal with the ransomware attack that infected more than 30 internal servers and crippled its network. German authorities are currently investigating the woman's death, and if the ransomware attack is found to have been directly related to the death, police say the investigation will become a murder case. That very well could happen due to a strange and unfortunate circumstances surrounding this cyber attack.
How Cyber Extortion Could Suddenly Become Murder
What is most interesting and unfortunate about this tragic event is the aftermath of the malware attack. The ZDNet report goes on to reveal that as German authorities reached out to get more answers and explain how the hospital had been affected, the attackers withdrew their demands and sent a decryption key to get the its systems unlocked and running again. Through its own actions following the innocent woman's death, it appears that the ransomware gang not only did not intend to hurt (or kill) anyone, but their ransomware attack was not even intended for the hospital.
New details uncovered by The Associated Press reveal that the extortion note left on a hospital server was in fact intended for Duesseldorf Heinrich Heine University, not the Duesseldorf University hospital itself (although they are affiliated and share a larger network). Hospital officials have blamed the ransomware attack on a vulnerability in a widely used commercial software, but say that no data has ultimately been lost. Regardless, this series of unfortunate events currently shows that a group of attackers intended to hold a German University's data for ransom, but instead attacked its hospital, choking out all network functions and causing it to turn patients away. As a result of that attack, a woman is now dead. Authorities will continue this investigation and determine whether murder charges are necessary, so far the ransomware attackers have been silent, and for good reason.
Source: ZDNet, Associated Press