Cyber Attacks On Hospitals, A New Kind Of Deadly Virus

The consequences can be catastrophic when cyber criminals blackmail hospitals. Experts are warning hospitals that they're not doing enough to protect their patients’ data.

Cyber Attacks On Hospitals, A New Kind Of Deadly Virus
Florian Flade, Kristian Frigelj and Ileana Grabitz

BERLIN â€" Most of the patients of the Lukas Hospital were unaware that their hospital had fallen victim to a dangerous cyber attack. The hospital, located in the western German city of Neuss, had to deal with an unprecedented and unexpected catastrophe after hackers managed to smuggle a Trojan into the hospital database via an email.

The malware threatened to encrypt all data, which forced the hospital to turn off every single server and computer in its system. The hospital received a clear message from the still-unknown attackers: You will only be given the code to decipher the encryption if you pay a ransom. A real hostage situation â€" albeit a digital one.

Experts are constantly warning us about the dangers the Internet can pose. And Neuss is not the only hospital to have suffered such a fate, with several other German hospitals reported to be the victims of hacker attacks in the last few weeks. It seems that the immediate crisis management was successful, seeing as there are no indications that sensible data has been taken forcibly.

But these incidents give rise to fear of a particular kind, cyber threats worthy of a science fiction drama: the evil pharmaceutical company that steals patients’ data for their own benefit; the faceless criminals that steal data of famous patients to blackmail them for millions; the hackers able to turn respiratory or anaesthetic machines off via remotely controlled programs. “Data protection is not present in many of our hospitals,” says Karl Lauterbach, spokesperson for health policies of Germany's Social Democratic party. “It is actually surprising that nothing major has happened yet.”

But the hackers are becoming more and more aggressive. Members of the software underworld are designing newer and more complex viruses, Trojans and bugs to be sold on the black market. Even criminals with very little IT experience can utilize these for extortion, data theft and sabotage. Bespoke malware can be purchased for only a few hundred euros â€" and the damage it causes can reach in the millions.

It did not take extravagant programming skills to attack the centralized computer system of the Lukas Hospital. A simple email and an encryption program attached to it were sufficient. According to information obtained by Die Welt, local law enforcement is working under the assumption that the attack was carried out with the newest version of the TeslaCrypt malware.

Pay in bitcoin

The emails sent usually only contain the date and time in the subject line, which makes it impossible for antivirus software to filter out the "infected" email. If you open the attachment, you unwittingly install a program on your computer that can take down entire systems. After this has been done, the affected party usually receives a ransom demand. If you want to regain access to all your systems and files, you are to make a transfer of a specific amount in bitcoin cryptocurrency.

Such events are increasingly causing alarm at security agencies. On Dec. 23, a cyber attack paralyzed the computer systems of 27 transformer stations in Ukraine, resulting in 700,000 people in 100 cities being left without electricity for hours. The attackers of TV5 Monde did not only take over the French TV channel's website, Facebook and Twitter accounts but also temporarily brought all broadcasting to a complete halt. A year ago, hackers operating in Kazakhstan were reported to have manipulated currency transactions for a few minutes through the "Corkow" Trojan and thereby influenced the ruble exchange rate.

But it is the health system that may be the most vulnerable to such attacks. Connecting the patient electronically in surgery, in hospital and at home is already underway â€" but the data is not properly protected. Experienced hackers can enter medical equipment in hospitals remotely and carry out sabotage. Even machines that control the medication of ICU patients could be manipulated remotely.

Hospitals assure that they take security very seriously but experts insist that action needs to be taken. “IT is a means to an end in most hospitals,” says Thomas Jäschke, director of the Institute for Security and Data Protection in the Healthcare System. German hospitals only invest half of what other industries spend in their IT security: only 3.7 billion euros in 2015, according to U.S. market research institute Gartner.

But manufacturers of medical equipment are also responsible for the lapses in security. Anaesthetic and X-ray machines often do not even include the simplest of security measures, such as passwords.

Now the German government wants to introduce a new law to combat this, obliging operators of critical structures such as energy suppliers and hospitals to report cyber attacks and to guarantee a minimum in IT security.

Meanwhile, the Lukas Hospital in Neuss has managed to eradicate the latest virus and is slowly rebooting its systems without having had to pay the ransom. But the disease of cyber crime is bound to return.

Keep up with the world. Break out of the bubble.
Sign up to our expressly international daily newsletter!

How Thailand's Lèse-Majesté Law Is Used To Stifle All Protest

Once meant to protect the royal family, the century-old law has become a tool for the military-led government in Bangkok to stamp out all dissent. A new report outlines the abuses.

Pro-Democracy protest at The Criminal Court in Bangkok, Thailand

Laura Valentina Cortés Sierra

"We need to reform the institution of the monarchy in Thailand. It is the root of the problem." Those words, from Thai student activist Juthatip Sirikan, are a clear expression of the growing youth-led movement that is challenging the legitimacy of the government and demanding deep political changes in the Southeast Asian nation. Yet those very same words could also send Sirikan to jail.

Thailand's Criminal Code 'Lèse-Majesté' Article 112 imposes jail terms for defaming, insulting, or threatening the monarchy, with sentences of three to 15 years. This law has been present in Thai politics since 1908, though applied sparingly, only when direct verbal or written attacks against members of the royal family.

But after the May 2014 military coup d'état, Thailand experienced the first wave of lèse-majesté arrests, prosecutions, and detentions of at least 127 individuals arrested in a much wider interpretation of the law.

The recent report 'Second Wave: The Return of Lèse-Majesté in Thailand', documents how the Thai government has "used and abused Article 112 of the Criminal Code to target pro-democracy activists and protesters in relation to their online political expression and participation in peaceful pro-democracy demonstrations."

Criticism of any 'royal project'

The investigation shows 124 individuals, including at least eight minors, have been charged with lèse-majesté between November 2020 and August 2021. Nineteen of them served jail time. The new wave of charges is cited as a response to the rising pro-democracy protests across Thailand over the past year.

Juthatip Sirikan explains that the law is now being applied in such a broad way that people are not allowed to question government budgets and expenditure if they have any relationship with the royal family, which stifles criticism of the most basic government decision-making since there are an estimated 5,000 ongoing "royal" projects. "Article 112 of lèse-majesté could be the key (factor) in Thailand's political problems" the young activist argues.

In 2020 the Move Forward opposition party questioned royal spending paid by government departments, including nearly 3 billion baht (89,874,174 USD) from the Defense Ministry and Thai police for royal security, and 7 billion baht budgeted for royal development projects, as well as 38 planes and helicopters for the monarchy. Previously, on June 16, 2018, it was revealed that Thailand's Crown Property Bureau transferred its entire portfolio to the new King Maha Vajiralongkorn.

photo of graffiti of 112 crossed out on sidewalk

Protestors In Bangkok Call For Political Prisoner Release

Peerapon Boonyakiat/SOPA Images via ZUMA Wire

Freedom of speech at stake

"Article 112 shuts down all freedom of speech in this country", says Sirikan. "Even the political parties fear to touch the subject, so it blocks most things. This country cannot move anywhere if we still have this law."

The student activist herself was charged with lèse-majesté in September 2020, after simply citing a list of public documents that refer to royal family expenditure. Sirikan comes from a family that has faced the consequences of decades of political repression. Her grandfather, Tiang Sirikhan was a journalist and politician who openly protested against Thailand's involvement in World War II. He was accused of being a Communist and abducted in 1952. According to Sirikhan's family, he was killed by the state.

The new report was conducted by The International Federation for Human Rights (FIDH), Thai Lawyer for Human Rights (TLHR), and Internet Law Reform Dialogue (iLaw). It accuses Thai authorities of an increasingly broad interpretation of Article 112, to the point of "absurdity," including charges against people for criticizing the government's COVID-19 vaccine management, wearing crop tops, insulting the previous monarch, or quoting a United Nations statement about Article 112.

Juthatip Sirikan speaks in front of democracy monument.

Shift to social media

While in the past the Article was only used against people who spoke about the royals, it's now being used as an alibi for more general political repression — which has also spurred more open campaigning to abolish it. Sirikan recounts recent cases of police charging people for spreading paint near the picture of the king during a protest, or even just for having a picture of the king as phone wallpaper.

The more than a century-old law is now largely playing out online, where much of today's protest takes place in Thailand. Sirikan says people are willing to go further on social media to expose information such as how the king intervenes in politics and the monarchy's accumulation of wealth, information the mainstream media rarely reports on them.

Not surprisingly, however, social media is heavily monitored and the military is involved in Intelligence operations and cyber attacks against human rights defenders and critics of any kind. In October 2020, Twitter took down 926 accounts, linked to the army and the government, which promoted themselves and attacked political opposition, and this June, Google removed two Maps with pictures, names, and addresses, of more than 400 people who were accused of insulting the Thai monarchy. "They are trying to control the internet as well," Sirikan says. "They are trying to censor every content that they find a threat".

Keep up with the world. Break out of the bubble.
Sign up to our expressly international daily newsletter!