As Associated Press reports, when a ransomware attack knocked out systems at a major hospital in Düsseldorf, Germany, there were tragic consequences.
With its computer systems offline and data inaccessible, emergency patients who should have gone to Düsseldorf University Clinic were taken to other hospitals who hadn’t had their servers encrypted in the attack.
A seriously-ill patient, who normally would have been taken to Düsseldorf University Clinic, was instead diverted twenty miles away to a hospital in Wuppertal.
According to reports, doctors were not able to start treating the patient for an hour and she died.
30 servers at the Düsseldorf University Clinic are thought to have been infected by the ransomware, with the attackers leaving an extortion note demanding payment.
But the ransomware attack was botched.
Yes, it did manage to infect the hospital’s servers but the note itself was addressed to Heinrich Heine University, *not* the hospital
The hospital and the university are affiliated with eachother, but it seems that the fact that the ransomware attack hit the wrong organisation was down to sheer recklessness and lack of attention by the criminals behind it.
Police in Düsseldorf contacted the attackers using details shared in the extortion note, and received in return a decryption key to unlock the hospital’s data.
But that was all too late for the woman who died.
Prosecutors in the state of North Rhine-Westphalia are launching an investigation into the hackers on suspicion of negligent manslaughter.
But, of course, no-one knows the hackers’ true identities – and they may never become known and brought to justice.
Ransomware attacks can ruin businesses, destroy individuals’ irreplaceable files and priceless photos, and even – it seems – result in death.
I’d like to think that someone might read about a case like this and think again about committing an attack. You may think you’ve dreamt up the perfect cybercrime, but it can all so easily have unintended consequences both for you and others who are entirely innocent.
Found this article interesting? Follow Graham Cluley on Twitter or Mastodon to read more of the exclusive content we post.