A hospital in Fürstenfeldbruck, to be more precise the hospital Fürstenfeldbruck, had to take all 450 computers from the net. The reason for this is a very massive virus infestation of the entire IT infrastructure. This is not the first case in Germany. At the beginning of 2016, the often cited Lukas Hospital in Neuss was the victim of a ransomware attack. In both cases, these were probably not targeted attacks.
The hospital in Fürstenfeldbruck runs in emergency mode
In times of digitalization, in which personnel files, X-ray images and other materials are digitally recorded, processed and required for diagnosis and treatment, a failure of the IT infrastructure is the worst case. The material from which science fiction films are made is gradually becoming reality. One difference is that the highly criminal hacker with ski mask and leather gloves is missing.
Not much has yet been learned about the incident in Fürstenfeldbruck. Numerous media, however, suggest that it was infected via e-mail. A communication medium that has been used to send viruses and Trojans for some time now. How good the Trojan/virus mail was at the end of the day, which arrived at the hospital in Fürstenfeldbruck, will hopefully one day be made public.
The hospital in Fürstenfeldbruck was disconnected from the emergency system for several days. So there were no ambulances. Each new patient means enormous additional effort. Everything must be recorded in writing – every blood sample, every x-ray. The criminal investigation department is involved, the public prosecutor is investigating.
How to deal with a security incident?
A hospital is the focus of public attention. If the IT fails, the patients inevitably notice. The Lukas Hospital in Neuss had a similar problem and, in our opinion, tackled it perfectly. At least to the public. Dr. Nicolas Krämer regularly gives lectures on this incident, which we can highly recommend at this point. Every company can take something away from these experiences.
What does the medicine and the hospital in Fürstenfeldbruck learn from this?
Whether processes are changed, spam filters readjusted or the infrastructure completely overhauled, we cannot currently say. One of the reasons for this is that the incident is not yet public. However, what becomes clear from the incident is that medical personnel urgently need to be trained in IT security issues. This can be achieved with eLearnings, training courses or recurring events.
From our own experience, we can report that the medical industry is one of the areas in which we are less frequently booked. Hospitals, established physicians or medical centers, which want to avoid the risk to fall victim to a hacker attack, can inform themselves gladly about our Live Hacking lecture .