A major ransomware attack has disrupted operations at Germany-based Fresenius Group, Europe's largest private hospital operator, Brian Krebs of KrebsOnSecurity reports.
The attack was first reported to Krebs by a relative of an employee of Fresenius Kabi, a division of the Fresenius Group that supplies pharmaceutical drugs and medical devices. The source has told Krebs that the attack has affected computers in the company’s building, as well as every part of the company’s operations around the globe.
It appears that the malware used in the operation was the Snake ransomware, a relative newcomer on the malware scene that targets the entire network rather than individual workstations. First reports of Snake emerged in January 2020, as cyber experts took note of the ransomware’s unusual behavior of killing named process related to ICS solutions and SCADA systems, potentially placing OT environments at risk.
Fresenius spokesperson Matt Kuhn confirmed the company had suffered a ransomware attack.
“I can confirm that Fresenius’ IT security detected a computer virus on company computers. As a precautionary measure in accordance with our security protocol drawn up for such cases, steps have been taken to prevent further spread. We have also informed the relevant investigating authorities and while some functions within the company are currently limited, patient care continues. Our IT experts are continuing to work on solving the problem as quickly as possible and ensuring that operations run as smoothly as possible,” Kuhn said in a written statement.
The company did not reveal the details of the attack. Also, it is not clear whether Fresenius has agreed to pay a ransom demand to recover the encrypted files. The source said the company paid $1.5 million to resolve a previous ransomware infection.
