Hackers want to extort money from the clinic in Wolfenbüttel – the Göttingen public prosecutor’s office responsible for cybercrime in the region has taken over the investigation into the digital attack. At the moment, all investigative measures are still being examined and the possible gateway sought, said the spokesman for Internet crime Mohamed Bou Sleiman on Thursday. The criminal evaluation had only just begun, but the attack was quickly recognized.
On Wednesday, the city of Wolfenbüttel announced that the computer systems had been shut down as a precautionary measure after a hacker attack on the clinic’s IT system. In the announcement, the deputy medical director Thomas Hockertz emphasized that “medical care is guaranteed”. According to previous knowledge, no data had been stolen, it said. “The hacker is about money – the clinic is being blackmailed,” said the city.
On paper and by hand
The hospital’s IT department is working with the help of external experts to make the systems available again, said clinic managing director Axel Burghardt. Due to the complexity and the amount of data, the completion of this process cannot be estimated. It must now be checked how the malware could get to the clinic server. The networks are separated and the automatic documentation has been switched to paper and hand for the time being, city spokesman Thorsten Raedlein said on Thursday.
The Göttingen experts are responsible for the investigations because the Central Office for Internet and Computer Crime (Cybercrime) for the region is affiliated with the public prosecutor’s office. In a first assessment from there, spokesman Bou Sleiman attested that the clinic was well prepared for such an attack. Not only because of the early alarm, but also for an up-to-date backup of important data. But it was too early for a further analysis, said the prosecutor on Thursday afternoon.
Health system and administration goals
The Lower Saxony Hospital Society (NKG) is not aware of any comparable incidents in the state. However, there have been isolated cases nationwide in recent years in which hospitals have been victims of extortionate attacks to enforce monetary claims, said an NKG spokesman. An attack in September 2020 made headlines in which hackers encrypted around 30 servers at the Düsseldorf University Hospital in order to blackmail them. The Irish health system was also most recently the target of a cyber attack.
But not only the health system is in the crosshairs of the attacker. Public administrations are also increasingly falling victim to ransomware – with sometimes far-reaching consequences for the population. On Wednesday, the city administration of Geisenheim in Hesse reported a hacker attack on the city’s IT network. Those responsible expect that the administration and municipal utilities will be “offline for at least three weeks”.
Last week, the Anhalt-Bitterfeld district declared a disaster due to a severe malware infection in the administration’s network. The attack had a direct impact “on all areas of the district’s range of services” and also affected the concerns of citizens, it was said to justify. The disaster gives the district administrator the opportunity to make faster decisions and request help.