German Hospital Differs in Ransomware Response from American Counterpart
German authorities have advised hospital officials not to contact the hacker as they work to restore the system.
German authorities believe a local hospital was the victim of a ransomware attack similar to the one experienced by a Hollywood hospital on Feb. 17.
Hospital officials and German authorities have not followed in the footsteps of their American counterparts, however, when it comes to responding to the attack.
The IT department at Lukas Hospital in Neuss, Germany, realized the hospital had caught some sort of malware on Feb. 10 and “pulled the plug on everything,” according to hospital spokesman Dr. Andreas Kremer. German authorities believe the quick actions may have prevented extensive damage to the hospital’s network and the machines affiliated with it.
Now when someone tries to access the hospital’s network an error message pops up urging the user to contact an anonymous email address to “stop the ransomware,” according to DW.com. Presumably the hacker intended to demand money through the email address to restore the system.
The situation is eerily similar to the American ransomware attack that eventually ended when Hollywood Presbyterian Medical Center paid an anonymous hacker $16,664 (or 40 bitcoins) to restore its computer network on Feb. 17. The hacker had initially demanded $3.6 million to erase the virus in that case.
Rather than interact with the hacker, however, Lukas Hospital has decided not to engage in a negotiation at all. Hospital officials and the authorities assisting them (Germany’s State Criminal Investigation Office) have been working to restore the system over the last two weeks and have not contacted the email address.
Since the hack, staff members have communicated through the phone, fax machines and handwritten notes because the email system still isn’t up and running. Kremer said approximately 85 percent of the hospital’s operations have continued as normal.
The hospital’s security experts have developed a software to cleanse the infected network and scan the servers and devices for additional viruses. Some data was backed up and can be easily restored. Kremer estimates the hospital’s system will be running normally again by the early summer at the earliest.
The German and American responses to similar cases of ransomware offer an interesting contrast as cyber security officials around the world ponder the best way to deal with the growing trend.
Read More Articles Like This… With A FREE Subscription
Campus Safety magazine is another great resource for public safety, security and emergency management professionals. It covers all aspects of campus safety, including access control, video surveillance, mass notification and security staff practices. Whether you work in K-12, higher ed, a hospital or corporation, Campus Safety magazine is here to help you do your job better!