On September 17, 2020, a German patient with a life-threatening condition was redirected to a more distant hospital after the nearer hospital was attacked by ransomware and deregistered its emergency services. This may be the first instance where a ransomware attack directly caused a death. According to public reports, the ambulance route disruption “led to the patient receiving care an hour later, which may have led to their death.”
Even though the threat actor ultimately provided the encryption key after being informed the target was a university hospital rather than merely just a university, the authorities are still looking to charge the threat actors with negligent manslaughter.
This incident is a wakeup call to hospitals who previously believed they had some sort of immunity because major ransomware groups declared them off limits. Whether by way of an “accidental” ransomware attack or a more direct attack by rogue elements within a ransomware group, the exposure for hospitals remains very real.