Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.
Deadly Ransomware Story Continues to Unfold
A ransomware attack with fatal consequences is attracting notice and comment from around the world.
Curtis Franklin, Principal Analyst, Omdia
September 19, 2020
2 Min Read
This is a follow-up to yesterday's story breaking the news of fatal consequences in a German ransomware attack.
Reaction is continuing to the story of what Reuters says may be the world's first human fatality directly attributed to a cyberattack. According to the news service's reporting, the attack, which began on Sept. 10, utilized a known vulnerability in a Citrix VPN as its point of entry. As of today, The University Clinic in Duesseldorf remained unable to admit new patients brought in by ambulance.
Because a woman died after being redirected to another hospital, German authorities are investigating possible manslaughter charges against the still-unknown attackers. "If homicide charges are combined with computer crime charges, it could be a sound idea to attempt imposing a lengthy prison sentence for the attackers, and, potentially, to get more international cooperation in the investigation," says Ilia Kolochenko, founder and CEO of ImmuniWeb. She warns, though, that "the causation element will likely be extremely burdensome to prove within the context: defense attorneys will likely shift the entire blame on other parties spanning from hospital personnel and its IT contractors in charge of network management and security."
Terence Jackson, CISO at Thycotic, notes: "According to a recent Check Point report, 80% of observed ransomware attacks in the first half of 2020 used vulnerabilities reported and registered in 2017 and earlier — and more than 20% of the attacks used vulnerabilities that are at least 7 years old."
The pre-existing vulnerability means that "there was time to mitigate the threat in theory, but it illustrates the importance of running vulnerability scans and acting on findings at least every 30 days if not more frequently," says Mark Kedgley, CTO of New Net Technologies. The potential disruption of those scans, he says, must be weighed against the operational requirements of 24 x 7 organizations like hospitals.
Dark Reading will continue to follow this story.
For more, read here.
About the Author
You May Also Like
More Insights
Webinars
Transform Your Security Operations And Move Beyond Legacy SIEM
Nov 6, 2024Unleashing AI to Assess Cyber Security Risk
Nov 12, 2024Securing Tomorrow, Today: How to Navigate Zero Trust
Nov 13, 2024The State of Attack Surface Management (ASM), Featuring Forrester
Nov 15, 2024Applying the Principle of Least Privilege to the Cloud
Nov 18, 2024
_Alexander-Yakimov_Alamy.jpg?width=700&auto=webp&quality=80&disable=upscale)
