The Düsseldorf University Hospital Ransomware Attack 2020
Cyberangreb på tysk universitetshospital førte til død og internationale efterforskning
Sagsdetaljer
Quick Facts
Quick Facts
The Attack on Universitätsklinikum Düsseldorf
On September 10, 2020, Universitätsklinikum Düsseldorf (UKD), one of the Rhineland's leading university hospitals, was subjected to a massive ransomware attack. The attack was later attributed to the cybercriminal group Netwalker, known for targeting organizations with high financial capacity to pay ransoms. The attack presented Germany with an unprecedented security crisis within the healthcare sector and drew attention from both national and international security authorities.
The Course and Cost of the Attack
Hackers infiltrated the hospital's IT systems and encrypted critical data. As with a typical ransomware attack, the perpetrators demanded a ransom—in this case approximately 19 million Danish kroner—in exchange for decrypting the systems. The hospital was forced to shut down parts of its operational capacity, as doctors and nurses could not access electronic patient records and other vital medical systems.
Particularly tragic about the attack was that it had direct consequences for patient care. A 78-year-old woman who was scheduled to undergo cancer treatment was turned away and died shortly thereafter from a stroke. Although no direct causal link could be established, her death was nonetheless connected to the attack in media coverage, and questions were raised about the hospital's crisis management and preparedness for handling cyberattacks.
Response and Investigation
Deutsche Telekom and German cybersecurity authorities were called in to assist with system recovery. Cyberattacks on the healthcare sector quickly became a priority investigation. The attack drew political interest at the highest level, as it revealed Germany's vulnerability to cyberterrorism targeting critical infrastructure.
