Medical Superbugs: Two German Hospitals Hit with Ransomware

John Leyden | The Register | February 26, 2016

At least two hospitals in Germany have come under attack from ransomware, according to local reports. The alarming incidents follow similar ransomware problems at the US Hollywood Presbyterian Medical Center. Both the Lukas Hospital in Germany's western city of Neuss and the Klinikum Arnsberg hospital in the German state of North Rhine-Westphalia were attacked by file encrypting ransomware, Deutsche Welle reports.

Lukas HospitalThe German broadcaster details how swift action at he Lukas Hospital contained the problem. Techies responded to unusual pop-up warnings on systems combined with the network running slowly two weeks ago by pulling the plug. This stopped the malware spreading more widely. Even so, the spread caused considerable damage and general inconvenience even though the hospital kept backups and only a few hours of data had been lost...

The Klinikum Arnsberg was also hit by ransomware, thought to have entered systems after staff opened a booby-trapped email attachment. Staffers detected the malware on one of the hospital's 200 servers before pulling the plug, DW reports.. Recovery simply involved restoring files on the single affected server from backups. Ransomware encrypts data before demand payment from victims for the private key generally necessary to decrypt files. The well developed scam relies on tricking victims either to open dodgy emails of victims or to visit malign websites running malicious code designed to push malware onto the systems of visiting surfers. The fraud is mostly opportunistic, affecting businesses and home users alike...