hackers

Hacked Hospital Results in Patient Death

A hospital in Germany suffered a ransomware attack that resulted in the death of one of their patients. University Hospital of Düsseldorf Germany suffered a ransomware attack on September 9th. Hackers disabled hospital computers and caused emergency patients to be transferred to other hospitals. A female patient who was scheduled to receive a lifesaving treatment, had to be transferred to a neighboring hospital 20 miles away. German authorities are treating the incident as a negligent homicide.

This is the first recorded case of a death directly resulting from a malware attack. The BBC reports they had other near death incidents of critical care patients forced to be transferred from a hospital that had been attacked, but this was the first known death.

Phishing and malware attacks have been on the rise since the start of the pandemic. Hackers attack hospitals and medical facilities looking for sensitive personal and medical data. Hospital staff are under increased stress, and are more likely to click on something they would not normally click on, opening the doors for hackers to come in.

The hackers took advantage of well-known vulnerabilities in VPN software from Citrix. The software is used by government agencies, educational institutions, hospitals, and major corporations. Citrix patched the vulnerabilities in January, but not all businesses keep up on patching and updating. Germany’s national IT security group is assisting the hospital to recover from the incident and collect forensic data. When the hackers were informed of the outcome of their attack, they dropped the ransom and provided the decryption key before disappearing.

This is a tragic overlap of the stories we have been following all summer. We have seen malware attacks increase every month. We have seen attacks on small businesses and even cities who are often too small to keep an IT specialist on staff. Many of these businesses are large enough to house a server with client data, and a network of workstations, but are not able to support the technology after the initial investment. When vulnerabilities are found and patched, the news of these vulnerabilities is reported in the IT news industry. Hackers then go looking for computer systems that have not been updated and attempt to exploit these systems and data.

Quanexus IT Support Services for Dayton and Cincinnati

Request your free network assessment today. There is no hassle, or obligation.

If you would like more information, contact us here or call 937.885.7272.

Follow us on FacebookTwitter and LinkedIn and stay up to date on by subscribing to our email list.

Posted by Charles Wright in Cybersecurity, Information Security, Small Business

City Government Compromised

Lafayette, a reminder of small business ransomware

2020 is becoming the year of ransomware; all available statistics are showing an increase in incidents month after month. We are seeing hacking events creep into the mainstream news cycle with huge companies like Twitter and Garmin. But a small city in Colorado is a reminder that hackers are not only targeting large corporations.

A city of 30,000 residents in Colorado is the latest reminder of the threat of ransomware in 2020. The city of Lafayette, Colorado suffered a ransomware attack late in July. They did not make the breach public until early in August. The hackers encrypted data, disabled phone systems, email systems, and bill paying systems. Like most cities this size, Lafayette did not have a cybersecurity professional on staff. After the breach occurred, the city government had to have specialists from Boulder come in to help with the clean-up.

With the support of larger city and state cybersecurity professionals, they determined the attack was either a result of a phishing attack, or a brute force attack. They were not able to recover the necessary data from backup to get the city back online. After analyzing the situation, and time it would take to re-build the databases, the city decided to pay the $45,000 ransom.

Due to the pandemic the city had recently cut back hours and furloughed some employees to cut back on spending this year.

“After a thorough examination of the situation and cost scenarios and considering the potential for lengthy inconvenient service outages for residents, we determined that obtaining the decryption tool far outweighed the cost and time to rebuild data and systems,” City of Lafayette Mayor, Jamie Harkins.

It sounds like Lafayette did follow many IT security guidelines. The Mayor says residents’ credit card data was not compromised because of the encryption they use in processing credit cards. She also mentioned residents’ personal data had not been compromised because it was not stored on the city’s databases. From the information publicly available, it sounds like the city was using practices of “least privileged” when storing resident data.

Lafayette is about the same size as the city Quanexus calls home. This is a real issue for moderately sized cities and businesses who are large enough to maintain computer systems and databases, but not large enough to keep IT security experts on staff. This is one of the primary roles Quanexus fills for many of our clients. If the increase in ransomware in the news has you thinking more about your IT security, please reach out to see if Quanexus could be a good fit for your business.

Quanexus IT Support Services for Dayton and Cincinnati

Request your free network assessment today. There is no hassle, or obligation.

If you would like more information, contact us here or call 937.885.7272.

Follow us on FacebookTwitter and LinkedIn and stay up to date on by subscribing to our email list.

Posted by Charles Wright in Cybersecurity, Information Security, Recent Posts, Small Business

Incident Response Planning Podcast

Podcast Episode 1 – Incident Response Planning

On this inaugural episode of the Quanexus Podcast we go in depth on Incident Response Planning. This is a topic on the top of our minds with many businesses making changes to accommodate the pandemic, and a new wave of ransomware against large US corporations.

Quanexus IT Support Services for Dayton and Cincinnati

Request your free network assessment today. There is no hassle, or obligation.

If you would like more information, contact us here or call 937.885.7272.

Follow us on FacebookTwitter and LinkedIn and stay up to date on by subscribing to our email list.

Posted by Charles Wright in Cybersecurity, Information Security, Small Business

IT Security in the News

IT SecurityWe are following three IT Security news stories that have gained mainstream attention. Today on the blog we are going to re-cap all three stories, and talk about what they mean for the IT world

Garmin pays up

Garmin is still recovering from the ransomware attack we talked about on last week’s blog, you can read it here. The company reportedly received a decryption key, meaning some sort of ransom was paid. The original ransom demanded by the hackers was 10 million dollars, but Garmin has not acknowledged the ransom publicly. A week and a half since the attack, device users are still having issues related to the services taken offline.

This attack is an example of why it’s important to have a quality backup solution, and an incident response plan. When Garmin was attacked, they had to take all services offline, which included phone, email, and chat support. Not only did they have to disrupt the service they provide, but they also had no way to communicate with customers other than statements on Twitter.

Follow-up on massive Twitter hack

Twitter released more information about the hack that compromised many high profile accounts. They are citing a mobile spearphishing attack on employees as the cause. Twitter says employees were compromised, allowing hackers to access internal company tools. Twitter made a point to say, the employees who were compromised were not in a position to access the tools needed for the attack. Criminals used the information they had on some employees to attack more technical employees and gain access to the tools needed. In part of their statement Twitter said, “This was a striking reminder of how important each person on our team is in protecting our service.”

We couldn’t have said it better. As Jack always says, your employees can be your biggest asset, or your biggest liability. This is also a reminder that it’s not just the employees who are working in the IT department who are important. Any infiltration of the company systems can lead to an attack on the database or system tools.

Microsoft to buy TikTok

TikTok has been under increased scrutiny since Amazon “mistakenly” told all of its employees to delete the app. You can read our blog post , ‘Is TikTok Safe?’ Here. The US government has continued to talk about banning the app in the US since this new publicity. Over the weekend it was reported Microsoft is looking into buying TikTok for the US, Canada, Australia, and New Zealand markets. Microsoft has vowed to make data security their number one priority. They have until September 15th to complete the deal. Investment organizations are predicting the deal could be in the 50 billion dollar range.

Quanexus IT Support Services for Dayton and Cincinnati

Request your free network assessment today. There is no hassle, or obligation.

If you would like more information, contact us here or call 937.885.7272.

Follow us on FacebookTwitter and LinkedIn and stay up to date on by subscribing to our email list.

Posted by Charles Wright in Recent Posts