\u201cIn wartime, a red cross on a hospital\u2019s roof protects it from bombing. But in cyberwar, there\u2019s no convention to protect hospitals,\u201d says Professor Dr. Harald Dormann, Head Emergency Room Physician at Germany\u2019s Klinikum F\u00fcrth hospital. With thousands of networked computers and medical devices crucial to patient care, Klinikum F\u00fcrth\u2019s quick thinking turned a malware attack into an unlucky day for cybercriminals.<\/p>\n
Tomorrow Unlocked\u2019s video, Malware: A New Virus in the Hospital, tracks how Klinikum F\u00fcrth\u2019s actions stopped the ransomware attack in its tracks and likely saved lives.<\/p>\n
The first hint of an attack was when Klinikum F\u00fcrth\u2019s IT support team started receiving strange emails from users \u2013 a hallmark of the dangerously effective malware Emotet<\/a>.<\/p>\n Emotet spreads by using past emails in Microsoft Outlook to create new emails, with results from convincing to bizarre.<\/p>\n<\/blockquote>\n Emotet also uses Wi-Fi networks to spread. If infected, a wirelessly connected device scans nearby networks and infects other devices using a password list.<\/p>\n Klinikum F\u00fcrth found 65 systems infected with computer viruses and malware. Thanks to acting fast, they isolated the malware before it encrypted data and held it for ransom \u2013 usually the Emotet attack\u2019s goal.<\/p>\n Malware is common. From March to June 2021, Kaspersky software blocked 1.7 billion malware attacks<\/a>. It\u2019s also becoming more dangerous, with cybercriminals using particularly damaging malware like Emotet<\/a> for fraud and ransomware attacks.<\/p>\n Professor Dr. Dormann recounts how hospital staff stepped up when they learned of the cyberattack. \u201cWhen our CEO told us what had happened, some were nervous. Some were pale. But all were motivated to act.\u201d<\/p>\n First, they began diverting new patients to nearby hospitals. Then they disconnected the hospital from the internet to reduce the risk of infecting other institutions. They put together taskforces of clinicians, administrators and IT staff to analyze the problem. Then, prioritizing the most critical medical devices, they checked for malfunctions. Extra staff were brought in to help switch to paper-based working.<\/p>\n Klinikum F\u00fcrth\u2019s story offers many lessons. Their fast response shows why organizations should plan what they\u2019ll do if attacked.<\/p>\nThe hospital\u2019s surgical cyberdefense<\/strong><\/h2>\n
How to stop and prevent malware attacks<\/strong><\/h2>\n