German Public Prosecution Service will not prosecute criminals behind ransomware for patient death

Spread the love

Germany’s prosecution has halted a two-month investigation into a patient’s death without holding ransomware criminals responsible. The death may have been related to a ransomware attack on a Düsseldorf hospital.

The Cologne prosecutor Markus Hartmann announced to Wired that the Public Prosecution Service has decided not to prosecute the death of the woman after the investigation. His statement indicates that it is not possible to prove that there is a legal causal link between the ransomware attack and the death of the victim.

In mid-September, an ambulance wanted to rush the patient to the University Hospital Düsseldorf, but a ransomware attack brought the systems down and the ambulance had to divert to the hospital in Wuppertal. Her treatment could therefore only start an hour later. The OM has come to the conclusion that it makes no sense to continue the case and hold the malware spreaders responsible, because it cannot be proven to what extent the delay contributed to her death and whether she could have survived much longer.

After the incident, the Public Prosecution investigated whether the cyber criminals could be prosecuted for dead by negligence. According to Hartmann, it is only a matter of time before there is a case where ransomware irrevocably leads to the death of a person, although the evidence for this will often remain difficult, he says.

You might also like