Core healthcare services and internal systems at two German hospitals have now also been disrupted by ransomware attacks. This follows a blog we posted a couple of weeks ago about a major Hollywood hospital being crippled by a similar attack.
One of the hospitals, Lukas, has reportedly reverted to phone calls, faxing and physical record-keeping for the past few weeks, while the IT systems have been offline.
The hospital has also postponed high-risk surgeries until systems are up and running.
Fortunately, the IT team at Lukas performs regular backups, but there is a possibility that some data and patient records have been lost.
Another hospital, Klinikum Arnsberg, confirmed that it was targeted in a ransomware attack via an email containing malware. Instant action taken by their cyber security teams resulted in the hospital containing the damage: the virus was detected in one server and the other 199 servers were immediately switched off to prevent any further contamination by the malware.
So far, both hospitals are refusing to pay the ransom. Deutsche Welle, a German publication, reports that it will “take weeks” for the hospitals’ systems to be back to normal.
Why are ransomware attacks growing in popularity?
Ransomware attacks are particularly ruthless because criminals do it purely for financial gain, and the outcome is usually that the victims pay up to avoid even longer delays and higher expenses, despite trying to fix the problem themselves.
Ransomware is also easy to deploy, through malicious links in phishing emails or on social media sites. Once a victim’s computer is infected, the malicious code locks down systems and encrypts files. The victim’s computer will then display a new holding screen, demanding a ransom in Bitcoins in exchange for a key to decrypt the files.
No single cyber security solution
No single cyber security solution is sufficient to protect an organisation from a cyber attack. The evolving nature of cyber crime requires the implementation of a holistic and comprehensive management system that constantly adapts to the evolving cyber crime landscape.
How ISO 27001 works
ISO 27001 is an independently auditable, international management standard that delivers an effective cyber security defence framework. Find out how ISO 27001 can reduce your cyber risk now.