back to article Medical superbugs: Two German hospitals hit with ransomware

At least two hospitals in Germany have come under attack from ransomware, according to local reports. The alarming incidents follow similar ransomware problems at the US Hollywood Presbyterian Medical Center. Both the Lukas Hospital in Germany's western city of Neuss and the Klinikum Arnsberg hospital in the German state of …

  1. Neil Barnes Silver badge

    Again...

    Why does a hospital not have a write-new-only file system (i.e. one in which files cannot be overwritten)?

    1. Anonymous Coward
      Anonymous Coward

      Re: Again...

      Well, you could ask that question about any institution. What I don't get is the IT security on these places - OK, it appears the IT bods got it together pretty fast, but somewhere is the weakest link that allows these type of programs to install - and as admin to infest the whole network!

      I still don't understand how in 2016 an intranet is still open to attack vectors usual from the Internet.

      1. Anonymous Coward
        Anonymous Coward

        Re: Again...

        I still don't understand how in 2016 an intranet is still open to attack vectors usual from the Internet.

        That is because some MBA in a very plush office remote from the hospital thinks he/she need to be able to access all sorts of information and rather than use a dedicated line just insists on being able to use the internet.

        1. Anonymous Coward
          Anonymous Coward

          Re: Again...

          Plus the inevitable "I'm important. I need admin access."

        2. Anonymous Coward
          Anonymous Coward

          Re: Again...

          Not to mention that incredible , probably management driven, AUTO RUN.

    2. Anonymous Coward
      Anonymous Coward

      Re: Again...

      The fact is that IT in hospitals - and not only . is managed as an afterthought. "Sure, we somehow need it, but how much we can save?" Problem is IT is becoming the nervous system of any organization, so nothing really works without it.

      Hospitals have the additional issues of expensive devices bought when Windows 95 and shares were the norm, and thereby very risky to run today. All those systems would need to be isolated and more secure systems built around them to access data safely, but of course it does cost, and they spend already too much because bribes from the pharma/medical industry ensures they pay more than really needed - the IT industry -especially the security one - probably doesn't pay enough bribes yet.

      Most ransomware would have difficulties to work if Internet access was working on whitelists only (why hospitals networks should access any site?) and if users machines were just terminals to access information stored in proper databases without any file sharing protocol active, and no way to attach personal devices to share babies or cats photos.

      Sure, personnel should be trained - and I've seen doctors refusing to use computers as if it was diminishing their power - but given the damage attacks can bring today, and ransomware is just the biginning - it should not be optional, learn, or you're our.

      Also, contracts for expensive equipment should take care of support over the lifetime of the machines, including security. Specifications and source code should be part of the contract, including the right to use a third party if the OEM stops support for the equipment before its true end of life.

  2. Anonymous Coward
    Anonymous Coward

    This is precisely why...

    ...internet blackmailers should spend the next 30 years in prison. Anything less is a disgrace and encourages more crime.

    1. Mark 85 Silver badge

      Re: This is precisely why...

      Only 30 years? Some would argue that it's too much because well.. not real crime like murder.

      I'm thinking life at hard labor maybe... and when not working the salt mine, cat videos.

      1. Marketing Hack Silver badge
        Devil

        Re: This is precisely why...

        @Mark 85

        Hard labor and cat videos? Joseph Stalin--is that you?

      2. Robert Carnegie Silver badge

        If people die because hackers hacked a hospital, arguably that is indeed murder.

    2. Anonymous Coward
      Anonymous Coward

      Re: This is precisely why...

      .internet blackmailers should spend the next 30 years in prison. Anything less is a disgrace and encourages more crime

      Actually, the penalty is largely irrelevant, its the likelihood of being caught and the speed of the justice system that count. In this case, there's probably a whole host of laws been broken, and potentially each file or record attacked is a separate instance, so the potential jail sentence would be as long as the "justice" system wants to make it. But until the scum find that they are detected and apprehended quickly, and then put behind bars promptly, they'll keep on doing it.

      I can't speak for Germany, but in the UK our government are more interested in spying on the domestic population than they are on stopping electronic forms of crime, so there's little chance of the UK becoming any safer from ransomware, spam and the other problems.

      Regarding the "Russia and Ukraine are out of bounds" argument, in the case of Ukraine, the corrupt government are only kept going by Western bailouts. If the Western authorities grew a pair of balls and told Ukraine to play by our rules or go bust, the gangsters running the country would find and shoot every hacker and cybercrim in the country. Russia's more of a problem, although the persistent anti-Russian stance of the West is a contributor, but there's solutions like telling Russia that (say) EU countries will lock out telecommunications connections to Russia if they don't stamp on their cybercrims. Or just throttle the bandwidth of crossborder digital communications with all Russia based servers. That of itself wouldn't stop the crims because of the nature of digital communications, but it'd put huge pressure on the Russian government, making commerce, finance and even diplomacy a problem, and they'd quickly find those responsible and break both their arms.

      None of this is going to happen of course, because the authorities still see cybercrime as not affecting them, and because as noted they don't have the balls to take bold action.

      1. Hey Nonny Nonny Mouse

        Re: This is precisely why...

        Pretty much that, it's the fear of being caught and punished that stops more crime happening.

        I think most people weigh the chances of being caught against the benefit and make value judgements.

        1. Palpy Silver badge

          Re: "This is precisely why..." but not so.

          I believe that research shows that the fear of punishment is not a powerful deterrent to most criminals. This surfaced particularly in cases involving capital punishment -- not even the fear of being executed deterred murderers.

          IIRC, the sticking point is that most crims use the same perspective as we do when, for instance, we drive on a highway -- "Yeah, something bad could happen but it won't happen to me." The "I'm special / smart / careful / above average" thought process prevails in many realms of human behavior, and it defeats the logic of deterrence.

          I don't speed when driving through small towns with low speed limits. But the chances of being caught in many of these little burgs is very small; I slow down because it is the right thing to do where kids are playing next to the road and pedestrians are about. A sense of "right behavior" is why most people obey laws, not fear of punishment.

        2. Mark 85 Silver badge

          Re: This is precisely why...

          I think most people weigh the chances of being caught against the benefit and make value judgements.

          I tend to agree with this otherwise there would be piles of carpet rolls from manglement offices deep in the woods. It also applies even to the minor infraction laws like speeding.

  3. Anonymous Coward
    Anonymous Coward

    I suspect a UK medical facility was recently afflicted. Can't divulge more than that - but the staff told me their files weren't accessible and had .locky extensions.

  4. Robert Moore

    > Police will have their work cut out in bringing crooks to justice. Aside from the

    > problem of tracing the BitCoin transactions, many ransomware scams are run

    > by crooks in either Russia or the Ukraine.

    As I recall, the last time some Germans went to Russia it did not end well for the Germans. Or anyone really.

  5. Md_pepa

    Email & Google

    The majority of threat is email bourne, with compromised sites making up the rest.

    The simple answer is that it's too expensive and people still have the mindset of castle walls, plus it's not their job, nor is our in their objectives.

    Most companies/public bodies see security as expense and inconvenience. People don't want to buy 2 pc licenses, or walk to a kiosk machine. Therefore there is always a human providing protection, as signatures and blacklists lag behind. Those humans want it simple, and those humans managers don't understand how complex simpler is.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2020