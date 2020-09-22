At the beginning of September, the digital infrastructure of the Düsseldorf University Hospital was hacked. The backers are probably based in Russia – it wasn’t their first cyber attack.

DÜSSELDORF dpa | After the hacker attack on the Düsseldorf university clinic, a possible trace of the perpetrators leads to Russia, according to the Ministry of Justice. The hackers introduced malware called “DoppelPaymer” into the system. This so-called encryption Trojan has already been used in numerous other cases around the world against companies and institutions by a group of hackers that, according to private security companies, is based in the Russian Federation. The Ministry of North Rhine-Westphalia announced on Tuesday in a report to the legal committee.

In the hacker attack two weeks ago, 30 servers at the university clinic were encrypted – and the blackmailers apparently actually wanted to attack the Düsseldorf University. The unknown perpetrators had therefore left a blackmail letter addressed to Heinrich Heine University. When the hackers were made aware of their wrongly hit target, they released the key to the blocked server. The IT of the university clinic is still not fully operational.

In the meantime, the public prosecutor’s office is also investigating negligent homicide after the death of a patient who was taken to a distant hospital because of the hacker attack.

The hacker attack is to be further processed in the state parliament: A report from the Justice Minister is expected in the Legal Committee on Wednesday, and the SPD parliamentary group wants to learn more about the hacker’s gateway the following week.

For the science committee, the opposition has submitted a questionnaire that revolves around the Citrix software. According to the Federal Office for Information Security (BSI), the hackers exploited a loophole in the system to encrypt the university clinic’s servers. According to its own information, the BSI had already warned of the problem with Citrix in January. The SPD suspects that the university clinic did not make security updates in time – and wants to know, among other things, what the state government knew about Citrix.

In the legal committee, a new briefing by Justice Minister Peter Biesenbach (CDU) is expected on Wednesday. In a written report last week, he informed the committee for the first time that the IT failure at the university clinic was actually due to a hacker attack.