OT Cybersecurity and Safety: Increasing risks and escalating impacts

For the general public, cyber-attacks causing catastrophic damage and loss of life are still thought of as only ‘real’ within the sci-fi genre—movies, books, television series, and video games. But the truth is cyber-attacks with dire consequences no longer live merely in film or the digital realm for that matter. They’ve transcended into the physical world with real, tangible impacts.

And perhaps for the first time, a cyber-attack has also resulted in the loss of human life.

When cyber-attacks have physical repercussions

On September 10, 2020, a hospital in Germany fell victim to a ransomware attack that encrypted thirty servers, severely disrupting its internal IT systems and operations. Functioning with only limited phone and email communications, the hospital announced it had “deregistered from emergency care” and will postpone all planned and outpatient treatments due to its “extensive IT failure.”

As a result, inbound hospital traffic was redirected to other hospitals. In one situation, a patient with a life-threatening condition was detoured an hour to another hospital, dying shortly after arrival.

“If the ransomware attack did indeed lead to a patient’s death, however indirectly, the incident could go down in history as a first of its kind.”

– Fortune, Ransomware attack on a hospital may be first ever to cause a death

According to AP, the hospital’s systems were infected and disrupted for a week before gradually crashing to a halt. Upon investigation, authorities identified the attackers exploited a known Citrix vulnerability and found a ransomware note in one of the thirty encrypted servers. However, the message was addressed to a university, not the hospital.

German authorities contacted the adversaries, explaining their target was, in fact, not a university but a hospital and was endangering patient lives; the attackers withdrew the ransom and provided the decryption key.

Among (Read more...)

*** This is a Security Bloggers Network syndicated blog from The Mission Secure Blog authored by Mark Baggett. Read the original post at: