Initial situation
A cyberattack on a hospital is one of the most critical scenarios in healthcare: patient care, IT, communication – everything is immediately affected. To be prepared for such an extreme situation, the St. Antonius-Hospital Gronau successfully applied for a tender from the Ministry of Labor, Health and Social Affairs of the State of North Rhine-Westphalia (MAGS NRW). The goal was to strengthen its own crisis resilience as part of a state-wide series of exercises.
Investigation approach
Lülf+ was commissioned to develop and conduct a realistic simulation for the crisis management team of the St. Antonius-Hospital. The exercise was intended to illustrate how a cyberattack can paralyze hospital operations – and at the same time demonstrate which organizational, communicative, and technical measures must take effect in such a situation.
Key findings (compressed)
Our team designed a tailored crisis scenario based on a complete IT failure. The exercise began in the early morning hours with a realistically designed attack notification, accompanied by a fictitious ransom note. The goal was to test the procedures of the crisis management team under real decision-making pressure, verify communication channels, and simulate cooperation with external actors – such as the State Criminal Police Office.
Recommended measures (compressed)
The management exercise provided important insights and allowed for the derivation of improvements for the future.
Results of the organizational investigation
After around five hours of intensive crisis management, the team drew a positive conclusion:
- Interdisciplinary cooperation within the crisis management team functioned well even under high pressure.
- Communication structures and decision-making processes were tested realistically.
- Valuable insights for optimizing internal processes were gained.
Our conclusion: “The team reacted excellently – calm, structured, and solution-oriented.”
Time: 2025