- Former FBI Cyber Division Deputy Cynthia Kaiser Urges DOJ to Charge Ransomware Hospital Attackers with Murder If Patient Dies
- Research from the University of Minnesota tied at least 47 deaths to ransomware between 2016-2021; health attacks almost doubled from 238 in 2024 to 460 in 2025
- Kaiser also calls for exploring terror designations for groups that repeatedly target hospitals, allowing for sanctions and broader consequences
If a ransomware actor attacks a hospital and the attack results in the death of a patient, the hacker must be charged with murder. This is what Cynthia Kaiser, former assistant director of the FBI’s cyber division, recently urged the US Department of Justice to consider.
In testimony before a House subcommittee hearing, Kaiser explained that ransomware attackers are causing deaths, citing University of Minnesota research documenting at least 47 deaths attributable to hospital ransomware attacks between 2016 and 2021. She added that the number is “almost certainly in the hundreds today.”
She also emphasized that healthcare is now the number one ransomware target, claiming that attacks against hospitals will almost double from 238 in 2024 to 460 in 2025. Kaiser says this is a deliberate calculation, as the attackers know when lives are at stake, hospitals are more likely to pay.
The article continues below
No user action required
“Felony-murder law does not require a defendant to pull the trigger, only that they commit a dangerous crime that results in death,” she said at the hearing, urging the DOJ to pursue homicide charges using existing felony law.
She also said terrorist designations should also be investigated. Kaiser urged the Departments of State, Justice and Treasury to formally evaluate whether existing terrorism laws apply to ransomware actors who deliberately and repeatedly target hospitals, which would unlock sanctions, travel restrictions and diplomatic consequences.
“I worked on these issues for years at the FBI, and we need to step up even more,” she said. “They need additional authorities and resources to be able to [do so].”
Some ransomware actors have deliberately avoided hospitals and critical infrastructure organizations—not because they were too difficult to target, but because they immediately attract the attention of the FBI and other law enforcement agencies. In fact, some ransomware groups publicly terminated partnerships with affiliates that would use their encryptions against hospitals.
Via The register
The best antivirus for all budgets
Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews and opinions in your feeds.
