Europe’s largest private hospital operator Fresenius attacked with Snake ransomware

Fresenius attacked with Snake ransomware

Fresenius, Europe’s largest private hospital operator and major provider of products and services for dialysis, was affected during Snake ransomware cyberattack.

According to KrebsOnSecurity sources, the incident disrupted some systems, but care for the patients continues.

Germany-based Fresenius company includes four independent companies: Fresenius Medical Care, a leading provider of services for people with kidney failure; Fresenius Helios, Europe’s largest private hospital operator; Fresenius Kabi, a pharmaceutical and medical device company; and Fresenius Vamed, medical facility manager.

Overall, Fresenius employs nearly 300,000 people in more than 100 countries, and is ranked 258th on the Forbes Global 2000. The company provides products and services for dialysis, hospitals, and inpatient and outpatient care, with nearly 40 percent of the market share for dialysis in the United States.

“This is worrisome because COVID-19 causes many patients to experience kidney failure, which has led to a shortage of dialysis machines and supplies”, — reports KrebsOnSecurity.

We live in truly difficult times – I recall that the other day, the Indian techno giant Jio disclosed data of people tested for COVID-19.

One Fresenius Kabi employee in the United States said that the computers in his company’s office were hacked and a cyberattack affected company’s operations around the world.

During the attack, hackers used Snake ransomware, which is a relatively new malware. Snake operators attack mainly large companies, turn off their IT systems and demand a ransom in bitcoins for access to data.

“I can confirm that Fresenius IT systems have been the victim of the malware. As a precaution, have been taking steps to prevent further spread. We also informed the relevant investigating authorities, and although some functions in the company are currently limited, patient care continues,” – said Fresenius representative.

According to security researchers, Snake ransomware is unique as it tries to identify IT processes associated with enterprise management tools and large automated process control systems. The malware is written in Golang and has a higher level of obfuscation than other ransomware.

After starting, Snake deletes shadow copies of computer volumes and then disables numerous processes associated with SCADA systems, virtual machines, industrial management systems, remote management tools, network management software, etc. Then it encrypts files on the device, skipping those located in the Windows system folders, and various system files.

By Vladimir Krasnogolovy

Vladimir is a technical specialist who loves giving qualified advices and tips on GridinSoft's products. He's available 24/7 to assist you in any question regarding internet security.

Leave a comment

Your email address will not be published. Required fields are marked *