- In February, hackers held several German hospitals under ransomware, according to the German publication Deutsche Welle. It is unclear whether the attacks are connected.
- Lukas Hospital pulled all their systems offline — from computer to email servers — when staff noticed a suspiciously slow system and frequent error messages. Though a specific demand was not been made, pop up windows told users in "broken English" to contact an anonymous email address to regain access, according to Deutsche Welle.
- Another hospital, Klinikum Arnsberg, received malware through an email attachment. Finding the virus in one of their servers, the hospital quickly took their 199 other servers offline, preserving the systems. Another hospitals in the same German state also took its systems offline after an attack.
No matter the tools cybercriminals use, many experts agree that longstanding cybersecurity deficiencies and lack of investment in preventative infrastructure could mean that more cyberattacks in the future. Hospitals, and other areas of critical infrastructure, can work to ensure they are not an easy target by instead investing in secure systems and offering a quick response in the event of any detected threat.
The ransomware attacks on the German hospitals are very similar to the one that shut down the systems of Hollywood Presbyterian Medical Center in Los Angeles earlier this month. However, what is different is the response. The German hospitals immediately took their systems offline, preventing the malware from encrypting data and locking them out of their servers.
The German hospitals also did not pay a ransom to regain access and instead worked with authorities and IT professionals to scrub their servers. The hospitals also had backups they could use to restore their data, in case the malware had spread throughout their servers.