On September 10th, the University Hospital Düsseldorf (UKD) in Germany suffered a ransomware attack after threat actors compromised their network a software vulnerability in "a commercial add-on software that is common in the market and used worldwide."
According to Germany's cybersecurity agency Bundesamt für Sicherheit in der Informationstechnik (BSI), the attackers exploited the Citrix ADC CVE-2019-19781 vulnerability.
"In this context, the BSI emphasizes that a vulnerability (CVE-2019-19781) that has been known since January 2020 in VPN products from Citrix for Cyber-Attacks being exploited," BSI revealed in a statement.
Patches for the Citrix ADC vulnerability have been available since January 2020.
With their IT systems disrupted, the hospital announced that planned and outpatient treatments and emergency care could not occur at the hospital.
Those seeking emergency care were instead redirected to more distant hospitals for treatment.
German media reports that the police contacted the ransomware operators via the ransom note instructions and explained that their target was a hospital.
The ransom notes left on the hospital's encrypted servers were incorrectly addressed to Heinrich Heine University, rather than the hospital itself.
After the police contacted the threat actors and explained that they encrypted a hospital, the ransomware operators withdrew the ransom demand and provided a decryption key.
A patient in a life-threatening condition was redirected to a more distant hospital in Wuppertal after University Hospital Düsseldorf deregistered its emergency services.
This disruption led to the patient receiving care an hour later, which may have led to her death.
Due to the patient's death, German prosecutors are investigating if this attack should be considered negligent manslaughter.
Full article on https://www.bleepingcomputer.com/news/security/ransomware-attack-at-german-hospital-leads-to-death-of-patient/
#ransomware #hospital #university #dussledorf #death #mindyourdata #yokdata