Friday, September 25, 2020

Malware Literally Just Killed Someone

 

 Ransomware leads to death.    

   By Dominic Alvieri, @AlvieriD
   September 22nd, 2020.

    Did anyone notice ransomware literally just killed someone?

    

    Ransomware just got upgraded to Murderware.


Ransomware attack disabled hospital systems.



German police are treating the cybersecurity event as a homicide. A lifesaving surgery was cancelled at the last minute in Dusseldorf University Hospital on Wednesday, September 9th due to a ransomware attack on the hospital. The patient was immediately rerouted to the next hospital available about 20 miles away. The patient passed away during the ambulance trip.

The digital footprints are familiar. 


Dusseldorf University Hospital


Reports allege that the attack intended to attack a university (Heinrich Heine University) and redirected to Dusseldorf University Hospital. A woman was arriving for a lifesaving procedure when the ransomware attack took down the hospitals IT systems. 

The vulnerability in question is a Citrix VPN appliance controller. 
Chinese nationals have been employing this attack vector heavily this year. So have others.

Different motive? Different bad actor(s)? Same verdict. 

Death brings about change. Change is needed in the war on cyber crime. Ransomware is an evil business that is surging. Cyber criminals have been long overdue in facing the punishment for the true cost of their crimes. 


Ransomware leads to death in Dusseldorf, Germany on 9/9/2020


The vulnerability exploited was the  Citrix CVE 2019-19781 which is known and patches have been available. 
Dusseldorf University Hospital was not patched.

Chinese nationals have employed similar payload and encryption schemes used in this attack. 
Dusseldorf University Hospital was not the intended target. 

It is one of the first ransomware cases to be investigated as a homicide. Cyber criminals have been quietly holding systems, corporations and people in a digital stranglehold.  
Hopefully this will be the turning point. The trigger event.

Public awareness during the Covid-19 crisis must parlay into cybersecurity awareness. 
I am not convinced this will be the last death caused by ransomware, or software in general. 


Dominic Alvieri, Analyst, researcher and Tracker.






Analyst, Researcher and Tracker. @AlvieriD
at
Labels: , , , , , , , , , ,

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)

Are You Trollin Me?

 Did Black Suit Ransomware just try to troll me? by Dominic Alvieri July 3rd, 2024 @AlvieriD The story goes a little something like this... ...

  • Are You Trollin Me?
     Did Black Suit Ransomware just try to troll me? by Dominic Alvieri July 3rd, 2024 @AlvieriD The story goes a little something like this... ...
  • Where Are They Now?
     The Conti Boys By Dominic Alvieri 1/14/2024 @AlvieriD Ransomware groups have come and gone but few have continued to resonate across the cr...
  • Typosquatting with Mikhail
    The Infrastructure Boss by Dominic Alvieri April 10th, 2024 @AlvieriD What does a former Boris Yeltsin era Defense Minister for the Russian ...