Düsseldorf University Clinic Hit by Ransomware and Patient Dies

  • A persistent ransomware infection that crippled the systems of the Düsseldorf University Clinic resulted in a person’s death.
  • The hospital wasn’t admitting any new cases for over a week now, but one reached its premises nonetheless.
  • The particular infection was a mistake, as the actors were actually targeting the university itself.

On September 10, 2020, the Düsseldorf University Clinic announced a ransomware attack that paralyzed its operation completely. While existing patients continued to receive care, of course, no new ones were admitted. This had every case, even emergencies, directed elsewhere.

The days passed, but the IT problems remained, and the hospital wasn’t in a position to pay the ransom of 100 Bitcoins demanded by the malicious actors. On September 14, 2020, a spokesman of the clinic told the press that all planned operations had to be postponed, and all ambulances should take cases on other hospitals.

Unfortunately, one case of a woman in extremely critical condition did reach the clinic yesterday, but the hospital was still unable to treat her and ordered an admission to a nearby city. The patient died during her transport, so this is the first confirmed and direct case of death caused by a ransomware attack.

According to the police who have been investigating the attack since September 11, 2020, the actors were actually targeting the Düsseldorf university and not its clinic, and this was clear from the ransom note. When the police contacted the hackers and told them about the impact of their actions on the hospital, the crooks gave them the decryption key and stopped all communications.

Even if this was a mistake, it highlights the grave risks associated with locking down IT systems in today’s world. On the other side, the event underlines the problems that arise from our over-reliance on computers and cloud networks. A hospital should be able to accept and treat emergencies even if all they have is doctors and nurses, but of course, we are not putting the blame on them.

A study conducted back in November 2019 quantified the increased risk of death due to cyber-attacks. According to the findings of that study, 8% of the UK hospitals that suffered a cyber-attack had to divert emergency cases to other hospitals. Even for those that were admitted on hit clinics, their care was delayed by an average of 2.7 minutes, which can sometimes make the difference between life and death. It is crystal clear that ransomware attacks on hospitals increase the mortality rate of patients.

As we are now going through a second infection wave of COVID-19, intensive care units are already overwhelmed, and doctors are entering the realm of chronic fatigue. Ransomware attacks are the last thing these institutions need, but unfortunately, stopping them is a matter of the hackers and their ethical compass. In this case, the person’s death appears to be “collateral damage”, so not only do ransomware actors need to be ethical, but they also need to be careful.



Whatsapp Voice Messages Now Got More Exciting With Voice Waveforms Rollout

Whatsapp announced a new Voice Waveform feature that will make vocal messages more interesting.Right now, voice messages had a play/pause button and...

Alibaba Undergoes Major Management Changes

Alibaba is replacing its long-time chief financial officer and reorganizing its commerce leadership.The firm's CFO position will soon be passed on to...

The Verizon App Collects User Browsing and Calls History, Location, and More

The Verizon app may collect your browsing history, location, apps used, and calls, all in the name of better user experience.The app's...
For a better user experience we recommend using a more modern browser. We support the latest version of the following browsers: For a better user experience we recommend using the latest version of the following browsers: Chrome, Edge, Firefox, Safari