The main route of virus infections is through e-mail attachments. Spam emails appear so authentic nowadays that it is nearly impossible for employees to recognize whether they contain a Trojan Horse or other malware. Another weak point in hospitals are patient CDs containing DICOM images. You can be infected by simply starting the “autostart.exe” file, or launching the included PC viewer. The blackmailer can further exploit vulnerabilities in Adobe PDF Reader, Flash, Java and Word macros to infect computers, because these programs have dozens of security vulnerabilities. Especially in hospitals and clinics, the use of outdated software is virtually an invitation to cybercriminals. Almost 90% of all desktop PCs run on a Microsoft Windows operating system.
For this reason, it pays off for hackers to spread ransomware among Windows computers instead of Mac-based systems. The numbers back this up: According to a report (2015) by the German ‘Federal Office for Information Security’ (BSI), 400 million malicious programs for Windows computers have been identified. In addition to general information, the report also contains a separate article on ransomware in hospitals (page 23).