Imagine just how fragile the fundamental infrastructure of the West actually is.
A woman in Germany died during a ransomware attack on the Duesseldorf University Hospital, in what may be the first death directly linked to a cyberattack on a hospital. The hospital couldn’t accept emergency patients because of the attack, and the woman was sent to a health care facility around 20 miles away, the Associated Press reported.
The cyberattack was not intended for the hospital, according to a report from the German news outlet RTL. The ransom note was addressed to a nearby university. The attackers stopped the attack after authorities told them it had actually shut down a hospital.
This may be the first confirmed death resulting from a cyberttack on healthcare infrastructure. https://t.co/O2mPziOgJu
— Andy Manoske (@a2d2) September 17, 2020
Health care facilities are one of the biggest targets for cyberattacks, and cybersecurity experts have warned for years that most hospitals aren’t prepared. They rely heavily on devices, like radiology equipment, that are often connected to the internet. Without those tools, they aren’t as able to treat patients.
“If systems are disrupted over the internet, by an adversary or an accident, that can have a profound impact on patient care,” says Beau Woods, a cybersecurity advocate and cybersafety innovation fellow with the Atlantic Council, told The Verge last year.
Even attacks that target patient data, and don’t directly impact medical devices, can hurt patient outcomes: one study found that a hospital’s death rate from heart attacks goes up in the years after a data breach. That’s probably because hospitals have to divert resources to respond to the attack or upgrade software in a way that changes how doctors operate.
Major cyberattacks, like the 2017 WannaCry cyberattack, have shut down major hospital systems — WannaCry took down the United Kingdom’s National Health Service, for example. No deaths were directly linked to that attack, but most experts warned it was only a matter of time.
Was this a good idea, to put all of this stuff on the internet?
Are the fractions of pennies saved by digitizing everything worth the risks involved?
Just imagine if we end up in a real war with say, China. The first thing they’re going to do is shut down infrastructure.
Will it even be possible to keep fighting after that?
We built our infrastructure with basically no defenses at all.