The First Cyberattack Related Death

Introduction

I do not believe anybody would want to admit to the fact that this was inevitable. But tragically, the first known fatality involving a cyber-attack was recorded in Germany this month. This incident came from a ransomware attack on a hospital that was subsequently unable to provide the life-saving treatment that was previously.

The cybercriminals had intended for the attack to be carried out on a different institution. After realizing their mistake, they gave the keys to the hospital straight away. Unfortunately, it was too late for the patient in question.

What Happened

Düsseldorf University Hospital’s critical computer systems were taken off-line by a ransomware attack that ultimately compromised their ability to function and was so severe that they had to divert a patient in need of critical care to another hospital 30KM away.

The attackers were able to take advantage of a well-known vulnerability in the VPN (virtual private network) software developed by Citrix. This vulnerability was announced by Citrix as far back as December 17th, 2019; furthermore, the update had been classified as Critical in nature.

This situation resembles the same issues with Wannacry related to Britain’s National Health Service (NHS) hospitals back in 2017 despite there being a patch available for many months prior. Those hospitals were taken off-line with around 19,500 medical appointments cancelled. Five hospitals having to divert ambulances, computers in 600 General Practitioners (GP) surgeries affected, and with authorities eventually paying over £100,000 to the cybercriminals for the encryption keys. Overall, there were over 250,000 computers infected in 150 countries.

What’s Happening Now

Considering the magnitude of the issues concerning Wannacry, it is miraculous that there weren’t any fatalities at the time. This issue was a warning and harbinger of what was to come, but the warnings have not been heeded, leading to the tragic events that happened in Germany.

We have long since moved beyond the symmetric attacks performed in the early days by cyber-criminal activity against organizations.

Asymmetrical based attacks involving multiple attack vectors are the new norm. It is now evolving into a hybrid-warfare driven approach that will scale to new heights now that several ransomware groups have joined forces. The collaboration between these groups has created the very first ransomware cartel this year.

What This Means for You

We seem to be experiencing the same issues and lessons learned that are not translating into a disciplined response to avoidance and pre-empting ofthese types of attacks.

Not learning from these lessons is continuing to cost countries in terms of economic damage and, more tragically, the loss of life. Any organization that thinks they are not a target for whatever reason they choose to believe in doesn’t understand the costs associated with these threats. Moreover, I would go as far as to say that we are complicit in propagating these threats. We are all a witness to the significant crimes associated with these attacks. Yet, a vast majority of organizations choose not to implement reasonable controls to mitigate these threats.

Sixty percent of SMBs go out of business up to 6 months after a significant breach. The cost both financially, as well reputational damage are just too much for these businesses to survive.

As Robert Mueller (former FBI Director) once was famously stated “There are only two types of companies: those that have been hacked, and those that will be.”

What You Should Do Now

Organizations should seek professional advice to understand the process of implementing a proper security strategy. This approach will ultimately reduce the overall risk to the organization.

Many solutions can be implemented, including free options that come with the Windows operating system to assist in this.

Align yourself to an industry security framework (CIS, NIST) commonly used as guidebooks on how to be secure. They take the guesswork out of how best to accomplish better security.

Closing

Until organizations start to take this situation seriously, we will continue to see casualties both economically and personally, now and into the foreseeable future.

What is needed is to build a strategy for cybersecurity that suits both the budget and available resources for your organization using industry best-practices.

 

Popular Posts

Previous
Previous

Ransomware Has Become a Triple Threat

Next
Next

“Credential Stuffing” the CRA- What is that?