Ambulance at the Malaysia rally organized by BERSIH, the coalition for clean and fair election in Jalan Ampang, Kuala Lumpur, Malaysia.

Source: Shutterstock

Cyberattacks are fast becoming a physical threat

  • A patient died as a result of a hack on a German hospital’s computer systems earlier in September
  • Detectives are now investigating the ‘negligent homicide’ by probing the as-of-yet unknown cybercriminals
  • The case highlights the growing infringement of cyberthreats on human life

When hackers disabled computer systems at Düsseldorf University Hospital on September 9, one patient died as doctors attempted to transfer her to another hospital.

The result: Cologne prosecutors have officially launched a negligent homicide investigation, pointing at the as yet unknown hackers as potentially culpable.

The point here is, cybersecurity is no longer a buzzword or an ethereal threat; it’s a continuously evolving beast, and one that is having greater implications on human lives.

The female patient – whose life-saving treatment would not have required a transfer were it not for the hack – is perhaps the first death to fall directly at the feet of a cybersecurity incident, though such breaches wreak havoc in a multitude of ways.

In this case, detectives brought in cybersecurity experts to ascertain whether there is a confirmed link between the hack and the patient’s death, and how that can be carried into judicial procedures.

The diligence and prospective prosecution linked to this cyberattack (and fatality) is another poignant turn in the ongoing narrative of healthcare cyber threats.

Inoperable healthcare systems and the threat to life

Ransomware and malware is notorious for its scrambling of data, which renders vital computer systems inoperable.

Hackers often demand a digital “ransom” – usually in cryptocurrency – to return systems to operation. This is an ever-escalating trend, and the risk associated with such downtime – especially in the healthcare industry – is stark.

A third of all ransomware data breaches happen in hospitals, and the number of breached personal records in the healthcare industry nearly tripled from 2018 to 2019, jumping from ​15 million to 40 million​. Malware attacks on hospitals are either deliberately channelled attacks or collateral damage amidst uncontrolled extortive campaigns across the internet.

The latter occurred during the massive disruption of the NHS by the WannaCry ransomware in 2016.

Previous malware attacks have outed control systems, subverted predictive analytics, and breached failsafes to threaten human life. The troublesome truth is that healthcare systems tend to be overburdened, overrun, and over-reliant on legacy IT systems.

The industry has not just been historically wrought by cyberattacks but is now arguably more vulnerable than ever before.

Other industries that are cyber-physically vulnerable…

As smart buildings, smart cities, connected cars, automated manufacturing, remote learning and all the rest of it continue to evolve, incidents in the digital world will have a much greater effect in the physical world as risks.

Alongside healthcare, there are other industries particularly susceptible to the increasingly connected, increasingly IT-reliant infrastructures that prop our society up…


Cyberattacks continue to plague the education sector. With the increased use of technology for teaching, learning, and other academic operations in today’s remote or blended environment, schools have also become more vulnerable to cyberattacks.

Microsoft Security Intelligence found that, in May of this year, 61% of reported enterprise malware threats were in the education sector. These cyber attackers are nothing if not opportunistic; around the same time, children across every continent were turned out of schools and (somewhat) left to their own devices. The attack surface of schools and other academic institutions is only increased by the fact that all those devices make for a more diffuse and web active user base.

Though not the immediate threat to physical life that healthcare breaches are, attacks on education systems too are sincerely troublesome. Often, phishing attacks or social engineering can leave susceptible children in debt or suffering from mental health issues or feelings of guilt. Ransomware can result in the same negative outcomes. That’s not to mention the negative impact of lost learning on future prospects, confidence, etc, that will derive from a jarring system outage and its aftermath.

Data Protection is another pertinent issue. School databases contain private and personal information about minors. The risks associated with these being nefariously accessed are another reason that institutions should be bolstering their cybersecurity defenses.

Energy and engineering

Energy and utility firms, especially nuclear power companies, contain critical and powerful data that hackers may be interested in. Hackers also commonly target such organizations because they can cause widespread physical damage in a single blow, disrupting national grids and depriving people of energy.

Wired Magazine noted how something as seemingly benign as a single water heater can be exploited to trigger a mass blackout across hundreds of homes. As it turns out, hackers can manipulate network imbalances, create overloads, and otherwise manipulate systems to damage areas and, by extension, their people.

In terms of engineering and communications, a significant threat could be posed by further ransomware or invasive breaches of the transport industry. Air traffic control and the aviation industries are among the industries that have fallen victim to ransomware in the past (the flight information screens and usual check-in processes at Bristol Airport went dark after the airport’s administration system was the subject of a cyberattack, though this didn’t impact flight control).

The implications of increasing and more vicious attacks on human life are probably best not covered.

Government agencies

Government agencies may be the first choice for many cybercriminals, simply because of the amount of confidential data that they store, and the tangibility of the issues that a breach may provide on a geopolitical/diplomatic level.

If cybersecurity protocols in government institutions aren’t up to date – and/or employees remain ill-equipped in spotting cyber threats like phishing scams and malicious emails as well as maintaining personal data hygiene – then government offices will remain susceptible to data leaks, diplomatic frictions, and, at worst, cyber warfare.