clinic compromised by cyber criminals

Düsseldorf university clinic compromised by cyber criminals

According to the BSI report "The State of IT Security in Germany 2019", the number of reported IT security incidents in the KRITIS Health Sector was in third place with 47 reported IT security incidents in the reporting period.

Since medical facilities are particularly vulnerable to security threats due to their open network architectures and simply because of the large number of users, it needs special attention to network security and data transmission. Access to information via private mobile devices must remain verifiable and be secured by appropriate encryption technologies such as VPN. In addition, you need to be compliant with legal regulations such as GDPR and KRITIS and industry standards such as the B3S (in Germany).

Complete failure of the IT at the University Hospital in Düsseldorf

The fact that IT security in hospitals and the health care system in general is of essential importance is shown not least by the recent incidents surrounding the failure of the entire IT at the University Hospital in Düsseldorf. A few days ago, 30 servers of the university hospital had been encrypted and an extortion letter had been transmitted. The background to the IT failure was ransomware, which is often infiltrated into end devices via spam e-mails, infected removable drives, hacked or compromised websites or even hidden in legitimate software bundles.

The spicy thing about this case: Apparently, the blackmail letter was delivered to the Heinrich Heine University in Düsseldorf, so it is assumed that the university hospital was not the intended target of the attack. Allegedly, the blackmailers had withdrawn their blackmailing after the Düsseldorf police had contacted them and informed them that the welfare of the patients was at considerable risk. After the IT system of the university hospital of the capital of North Rhine-Westphalia failed, the building could no longer be accessed by ambulances and rescue services.

The fact that the hospital could be attacked at all was due to a suspected security gap in an application. Until this could be closed by a patch, the attackers already had enough time to penetrate the hospital systems and encrypt data access.

Application protection in healthcare

IT security gaps in healthcare applications can have devastating consequences. The more web applications are used, the higher the potential threat to those that are accessed via the web and are therefore vulnerable to external attacks.

Ransomware infects healthcare infrastructures repeatedly, because in 24/7 hospital operations it is very difficult to keep software infrastructure up-to-date or even to get a possible downtime slot. Computers running legacy software that only runs under special operating systems or driver versions are also an easy target. Added to this are the often obsolete devices that can hardly be updated and thus act as a reservoir for malware that is distributed in the network.

The more areas within a hospital are optimized by IT systems, the more they become potential targets for attack. In recent years, hospitals around the world are targets because hackers do not stop at the healthcare sector. However, only future-proof, proactive, state-of-the-art cybersecurity solutions can guarantee functioning healthcare services and secure, networked hospital operations. We have summarized how this can be achieved in IT security in the healthcare sector.

After being contacted by the police in Düsseldorf, the blackmailers transmitted a digital key to decrypt the data. Now the responsible public prosecutor's office is investigating for negligent homicide, as an emergency admission could not be made and a patient died.

Request information

Do you have questions or need additional information? Simply fill out this form and we will get right back to you.

I want to receive information from Rohde & Schwarz via

Marketing permission

What does this mean in detail?

I agree that Rohde & Schwarz GmbH & Co. KG and the Rohde & Schwarz entity or subsidiary company mentioned in the imprint of this website, may contact me via the chosen channel (email or postal mail) for marketing and advertising purposes (e.g. information on special offers and discount promotions) related to, but not limited to, products and solutions in the fields of test and measurement, secure communications, monitoring and network testing, broadcast and media, and cybersecurity.

Your rights

This declaration of consent may be withdrawn at any time by sending an email with the subject "Unsubscribe" to Additionally, a link to unsubscribe from future email advertisements is contained in each email sent. Further details on the use of personal data and the withdrawal procedure are set out in the Statement of Privacy.

Your request has been sent successfully. We will contact you shortly.
An error is occurred, please try it again later.