Ransomware Attack Leads to Fatality

A ransomware attack on the University Hospital of Dusseldorf (UKD) was reported to have a fatal outcome last week. German authorities revealed that the ransomware attack caused a failure of the hospital's IT systems, which resulted in a woman who needed urgent care tragically passing away while being transferred to another hospital 20 miles away for treatment.

It is believed the attack exploited a vulnerability in Citrix Application Delivery Controller (ADC) CVE-2019-19781 which crippled the hospital's systems. According to a note left by the hackers the attack was meant to target the Heinrich Heine University.

Once law enforcement made the attackers aware their attack was targeting a hospital the attackers provided the decryption key and withdrew the ransom demand. It is understood the case is currently being treated as a homicide.

This attack highlights the importance for all organisations to carry out regular patch management cycles to reduce your exposure to a cyber attack. The device that was exploited in this instance was a vulnerability that was patched by Citrix in January 2020. When an organisation releases a patch for a critical vulnerability found within their software, it is best practice to apply this fix to your own network immediately.

 

How Can We Help?

We offer a wide range of services which are tailored to your requirements. We can help you prepare for the worst-case scenario by simulating threats to your organisation via each service line. We can help improve your cyber security posture, increasing your resilience to a breach. We offer simulated phishing campaigns to highlight cyber security awareness within your organisation and demonstrate how a breach may occur.

Should you ever be on the unfortunate end of a cyber attack our in-depth knowledge and Incident Response service will have your organisation ransomware free and up and running in no time.

Partner with us today, our experienced consultants will go the extra mile to ensure your organisation stays secure during these testing times.

 

Benefits:

• Receive third party validation for implemented security controls
• Receive a prioritised list of your risks based on their exploitability and impact
• Receive expert and effective advice to immediately improve your cyber security posture
• Understand how uncovered issues will affect your organisation and operations
• Recover from cyber attacks