Connect with us

Research & Opinion

First ever ransomware death!

Published

on

Ransomeware attack

By Sanjay Sahay

Things keep on getting crazier in the COVID-19 days, some related to the pandemic and some unconnected, nonetheless fall in the category of one of its kind. When an ambulance carrying a patient was reaching the University Hospital is Düsseldorf on Sept 11 night, it was sent to Wuppertal instead, 20 kms away. This is Germany. The treatment which was due to the patient in the first hospital was not made available on account of a hacker attack. The medical attention was delayed by an hour, which was critical. The woman died shortly thereafter. This is suspected to the first ransomware death in the world. Hospitals have been hit earlier as well by ransomware attack, how the future would unfold is seemingly clear.

Ransomware is the biggest cyber crime of the day, can lock data and operations for an individual user to critical infrastructure; airports, electric grids anything. We even now are happy with paying lip service to what is slowly developing into a pandemic or at the least can create panic of unimaginable proportions. German authorities in the instant case have already opened a ”negligent homicide” investigation. The cyber attack which led to network outages had forced rerouting of patients, for even those who where were in need of emergency care. The 78-year-old deceased in this case, an old woman, was in need of immediate medical attention for an aneurysm. She died after being sent to another city.

The homicide adds to blackmail and computer hacking investigations already underway. Police on their part to bring normalcy to the hospital operations contacted the hackers. They persuaded them to provide the digital key that would decrypt 30 infected severs of the hospital. What is the fate of the investigation in a ransomware case you can well imagine. Encryption has been creating insurmountable problems in the investigation of a variety of cases. Allegedly, the hackers did not the know that they had attacked a hospital. Crimes of this nature speaks a lot about what the future has in store for us. Even after so many days, the hospital is still trying to recover it’s IT systems. Emergency care is likely to be resumed within the next week.

Being casual in Cyber Security can throw you out of business, still it persists. Might be a huge jolt would help. The update for the Citrix software in use has been available since January. Federal Office for Information Security said, ” We warned of the vulnerability back in January and pointed out the consequences of its exploitation.’ It has been a known flaw in Citrix, provider of a VPN tool. This situation as not as strange as it looks, it is this precarious situation that might be the norm, its just chance that the hacks have not happened. Only proactive action can save the situation. The always well intentioned United Nations ”has called the nation states and cyber criminals to uphold a “digital ceasefire” amid the ravages to the coronavirus pandemic.”

PLAYING WITH CYBER SECURITY IS WORSE THAN PLAYING WITH FIRE.

The writer is an IPS officer, Cyber Security, Public Speaker, Technology Evangelist and Recipient of the President’s Police Award.

 

Continue Reading