Years ago cyber security experts have expected that in coming years malware can start to kill people. If hackers attack your organization and you’re in an industry such as financial services, engineering, or manufacturing your risks are mostly monetary. But when it comes to healthcare cybersecurity, not only is there significant financial jeopardy, people’s health and wellbeing are also at risk. “Nation states and organized crime — real threat actors — are causing harm, damaging the safety and effectiveness of medical devices,” Fu warned.
Nowadays the situation is such that Someone died because of ransomware: Time to give hospitals emergency security care. Bad security in hospital systems combined with ransomware spreading criminals is a combination that seems to have contributed to deaths already. Those tragic sequence of events have drew the attention of cybercrime officials. Ransomware attacks put availability of medical devices at risk because “You can’t have a safe and effective medical device if it’s unavailable” due to ransomware. Not playing down, but likely there have been multiple cases because of services being bought to its its knees equating to time delays for critical care and resulting in death. Some incidents have already been on news:
In 2020 Cyber Attack Suspected in German Woman’s Death. German prosecutors tried to prove that a ransomware attack on a hospital was to blame for someone losing their life. On the night of September 11, paramedics in Düsseldorf, Germany, were alerted to the deteriorating condition of a 78-year-old woman suffering from an aortic aneurysm. The accident and emergency department was closed in nearest hospital due malware and the ambulance was directed to Helios University Hospital in Wuppertal, 32 kilometres away, which delayed the patient’s treatment by an hour. Following the attack, it was suggested that this may have been the first instance of death by ransomware. The ransomware attack was first spotted in the early hours of September 10, but it could have started much earlier. German police launched a negligent-homicide investigation and said they might hold the attackers responsible. But it turned out that Ransomware did not kill a German hospital patient in this case. It would have been the first time that law enforcement had considered a cyberattack to be directly responsible for a death, but it was subsequently determined that the patient died of other causes (likely would have died anyway).
The first death by malware as it could have happened already in 2019. Hackers Attacked a Hospital and Allegedly Killed a Newborn Baby and The mother is suing over what seems to be the first death caused by ransomware. “A ransomware attack against an Alabama hospital may have led to a baby’s death in 2019, one of the first known cases where a cyberattack had life-or-death consequences. … “ Wall Street Journal reported the first alleged death in a hospital attributed to ransomware happened in USA already in 2019. A 2019 cyberattack on an Alabama medical center allegedly impacted the normal operation of a fetal heartbeat monitor and a nurses’ station. Those monitors should have informed the staff of what was a life-threatening situation, alleges a medical malpractice lawsuit that Kidd has filed in the Circuit Court of Mobile County. The parents of a baby born with the umbilical cord wrapped around their neck who died nine months later following severe brain damage, are suing the hospital, which denies the allegations. This isn’t the first time that ransomware-related homicide charges have been brought, but it will be the first time that a case makes it to court.
Those are sad and worrying news. But unfortunately not unexpected. Some cyber security experts have been telling for years that it is just matter of time when malware has deadly consequences. Hospital environments is not the only case where people can be in danger if they are hit by malware gangs or cyber terrorists. Nowadays computers are everywhere, and attacks to cars, planes, trains, logistics and infrastructure (water,heating,electricity) can have deadly consequences.
Ransomware attacks put availability of medical devices at risk: FDA cyber chief
Cyber Attack Suspected in German Woman’s Death
Prosecutors believe the woman died from delayed treatment after hackers attacked a hospital’s computers. It could be the first fatality from a ransomware attack.
Hackers Attacked a Hospital and Allegedly Killed a Newborn Baby
The mother is suing over what seems to be the first death caused by ransomware.
The untold story of a cyberattack, a hospital and a dying woman
German prosecutors tried to prove that a ransomware attack on a hospital was to blame for someone losing their life. Their story is a warning
Ransomware did not kill a German hospital patient
Still, police warn that it’s only a matter of time before hacking hospitals leads to tragic results.
Not playing down, but likely there have been multiple cases because of services being bought to its its knees equating to time delays for critical care and resulting in death. Imo nothing new/been an issue for a a while. Also likely magnified with the covid bs and lack of overall care resources, not to mention how bad cyber^IT systems (underfunded or lack of skills) are in places that run critical infra/services
“A ransomware attack against an Alabama hospital may have led to a baby’s death in 2019, one of the first known cases where a cyberattack had life-or-death consequences. … ”
Ransomware attack might have caused another death
HACKERS ATTACKED A HOSPITAL AND ALLEGEDLY KILLED A NEWBORN BABY
THE MOTHER IS SUING OVER WHAT SEEMS TO BE THE FIRST DEATH CAUSED BY RANSOMWARE.
Baby’s Death Alleged to Be Linked to Ransomware