Written by Sean Lyngaas
Fresenius Group, a big European health care conglomerate, said Wednesday that a computer virus had infected at least one of its businesses’ IT systems. It’s another sign that malicious hackers see medical organizations as fair game despite a global health crisis.
The Germany-based corporation said the security incident had hampered some production in its pharmaceutical business, Fresenius Kabi, which makes everything from nutritional products and infusion therapies to pain relievers that are in high demand during the coronavirus pandemic.
Fresenius Group spokesperson Steffen Rinas declined to specify which production units were affected by the malware. He did say that Fresenius’s hospitals — said to be the largest private network in Europe — were not affected by the incident. The company did not specify the nature of the virus.
“As a precautionary measure in accordance with the security protocol drawn up for such cases, steps have been taken to prevent further spread,” Rinas said in an email. “Nevertheless, our production continues with certain limitations. Also, our patient care continues. Our IT experts are continuing to work on solving the problem and ensuring that operations run as smoothly as possible.”
Reports from independent journalist Brian Krebs and German technology news outlet Golem said the computer virus was ransomware, raising the possibility that Fresenius would have to negotiate with hackers or rebuild its systems.
There were also signs the malware had spread to other parts of Fresenius’s corporate empire, which reported $38 billion in sales for 2019. The malicious code affected Fresenius’s pharmaceutical business in Norway, according to Norwegian newspaper Halden Arbeiderblad. The company has a factory in Halden, south of Oslo, that produces pharmaceuticals.
Rinas, the Fresenius Group spokesperson, said the Norwegian plant was continuing production “with certain limitations.” He declined to elaborate.
Criminal and government-linked hackers have consistently looked to hack health care organizations and government bodies responding to the COVID-19 crisis. Criminals typically hack these organizations to try to extort them; multiple ransomware attacks on companies involved in pandemic response have been reported.
Spies, on the other hand, are looking for intelligence or to steal information that can help treat the virus. With a vaccine for the respiratory disease likely still many months away, U.S. and U.K. cybersecurity officials on Tuesday warned that government-linked hackers would continue to target medical organizations.