Another Hospital Computer System Down Due to Ransomware

Deutsche Welle¹ has the story (a German  language news site that also has English sections) German hospital Lukas Hospital (Krankenhaus)   GmbH is a type of corporation in Germany.

lukashospital

The hospital apparently downloaded malware in an email and then infected the X-ray system among others. The X-ray system is now unable to work affecting patient usage.

The IT staff claims that backups of the data files are available but the following is an unbelievable statement:

————————————————————-

{“It will take weeks until all systems are running the way they used to before the attack, “probably not before early summer,” Kremer said.

..

Staffers detected the virus on one of the 200 servers and then switched off the entire system.  }

————————————————————-

So due to the ransomware attack some systems will not be used properly until the summer?

Does anybody still prepare for disasters anymore?

The hospital is in North Rhine-Westphalia of Germany State and apparently it did have a problem with it’s backups since a 5 month restore is unheard of.

 

That is why this news report is interesting to me, since it usually is much worse than advertised (most people do not like to air all their problems in the news)

lukaskrankenhaus2  (Neuss is a part of Düsseldorf)

Unfortunately another hospital in the state of North Rhine-Westphalia  also got hacked/ ransomed.

north_rhine-westphalia_germany

So obviously taking your trip  to this portion of Germany has it’s drawbacks.  As apparently there is a problem in IT administration here.

The article did mention the USA hospital we discussed  on this blog² which paid $17k in ransom money to recover their data quickly.  No one wants to pay these criminals, but obviously the LA hospital wanted to get back up and running so they paid the ransom($17,000).Although the DW article says LA hospital paid $17k, the previous article from my blogpost said the LA hospital paid $3.4mil in Bitcoins (which are very difficult to trace).  Either way there was serious money being paid.

 

Why am I discussing this again? Because the hacker-criminals are learning and now know for sure that if hospital emails systems are hacked it is also likely some systems will be hacked which must be back in business quickly, so in the case of LA hospital they will pay lots of money to recover the data (paying a lot of money is music to ransomhacker ears).

So we know hospitals are in the ransom-hacker cross hairs. expect many more spear-phishing attacks

This is simple folks – the hacker looks to see what is successful…

(malware sent out to industry X, industry Y, and industry Healthcare)  Where am I getting the most bang for my buck?

Remember that sending out emails  creating the text to send etc, costs time and money. The hacker is trying to maximize their money. If hospital IT staff are overworked and cannot do proper backups on a consistent basis the criminal-hacker will find this out in a round about way. And we find this out because we notice news stories starting to focus on Healthcare systems.

 

So get going Healthcare boards – you must spend more time on disaster recovery IT systems and Cybersecurity knowledge.

 

Or what?  well your entity will get hacked – pwned…  it is just a matter of time.

hospitalshacked  just a matter of time.

 

Since hackers hack you no matter your understanding – Do you “get it” that there are certain areas that need more help in your IT department? Maybe you need an outside 3rd party checking things out – auditing your systems and processes to see where you need help.

Contact Us to discuss.

 

  1. http://www.dw.com/en/hackers-hold-german-hospital-data-hostage/a-19076030
  2. http://oversitesentry.com/now-criminals-ransom-6800-hospital-computers/