Ransomware: Spawning New Liabilities Beyond The Ransom

A mother sued an Alabama hospital, alleging the death of her baby was the direct result of a cyberattack that left the hospital without some services.

Court records show that the hospital was still trying to recover from a ransomware attack at the time they admitted the woman for delivery.

The hospital still could not access patient medical records, was without its wireless system to track medical staff, and did not have working monitoring equipment at the nurses' station.

The plaintiff's baby had the umbilical cord around her neck, blocking the supply of blood and oxygen. Had the hospital's monitoring equipment been functional, it would have alerted staff to this dangerous situation. Unfortunately, the baby suffered severe brain damage and died several months later.

Evidence in the case shows the attending physician, also named as a defendant in the case, expressed her belief that this death "was preventable," and that had she been notified of the situation, she would have performed a Caesarean section.

The hospital denies liability in the death, stating they and other treating physicians felt it safe to continue serving patients while addressing the effects of the cyberattack. This is the first case to be litigated in court involving a hospital death related to ransomware. Lisa Vaas "Baby's Death Alleged to Be Linked to Ransomware" threatpost.com (Sep. 30, 2021).

Commentary and Checklist

Most ransomware breaches create exposure for the ransom amount and/or for identity theft, which can lead to ancillary claims from shareholders and consumers. This matter is unique in that it is claimed that the breach led to negligent care and the wrongful death of a patient.

The risks from breaches, including ancillary risks, continue to grow. If this claim is successful, claims for ancillary harms from breaches may be successful in the future.

Ransomware locks up the entire system or parts of the system, making it inaccessible to users, which can be debilitating to a healthcare facility. Because infected files typically enter a system through user missteps, user behavior should be a primary focus in your cybersecurity plan.

It is important to train users to approach reading and answering emails, and accessing internet websites, with heightened suspicion, especially when messages are not expected.

Here are suggestions to help you limit the risk of a systems breach and ransomware attack:

  • Be intentional about segmenting your network to isolate the most critical systems and databases.
  • Limit what sites your employees can access via your network, and what files they can download.
  • Routinely monitor network traffic for known Trojan viruses and their properties, and to identify unusual network requests that may signify an infection.
  • Train all network users on system security best practices and preventing malware infection, and keep them informed about current threats to network security.
  • Instruct employees to immediately report any unusual systems behavior to IT staff.