The incident marks the first recorded casualty as a consequence of cyberattacks on critical healthcare facilities, which has ramped up in recent months. The attack, which exploited a Citrix ADCCVE-2019-19781vulnerability to cripple the hospital systems on September 10, is said to have been ‘misdirected’ in that it was originally intended for Heinrich Heine University, according to an extortion note left by the perpetrators. After law enforcement contacted the threat actors and informed them that they had encrypted a hospital, the operators behind the attack withdrew the ransom demand and provided the decryption key. The case is currently being treated as a homicide, BBC Newsreportedover the weekend.

Source: thehackernews