- Former FBI Cyber Division Deputy Cynthia Kaiser Urges Justice Department to Charge Hospital Ransomware Attackers with Felony Homicide If Patient Deaths Occur
- Research from the University of Minnesota linked at least 47 deaths to ransomware between 2016 and 2021; Attacks on healthcare nearly doubled from 238 in 2024 to 460 in 2025.
- Kaiser also calls for exploring terrorism designations for groups that repeatedly attack hospitals, allowing for broader sanctions and consequences.
If a ransomware actor targets a hospital and the attack results in the death of a patient, the hacker should be charged with felony murder. This is what Cynthia Kaiser, former deputy assistant director of the FBI’s cyber division, recently urged the US Department of Justice to consider.
In testimony before a U.S. House of Representatives subcommittee hearing, Kaiser explained that ransomware attackers are causing deaths, citing research from the University of Minnesota that documents at least 47 deaths attributable to ransomware attacks on hospitals between 2016 and 2021. He added that the number is “almost certainly in the hundreds today.”
He also emphasized that healthcare is now the number one target for ransomware, stating that attacks on hospitals nearly doubled from 238 in 2024 to 460 in 2025. Kaiser says this is a deliberate calculation, as attackers know that when lives are at stake, hospitals are more likely to pay.
Article continues below.
No user action required
“The felony murder law does not require the defendant to pull the trigger, only that he commit a dangerous felony that results in death,” he said during the hearing, urging the Justice Department to file murder charges using the existing felony murder law.
He also said terrorism designations should also be explored. Kaiser urged that the State Department, Justice and Treasury formally evaluate whether existing antiterrorism statutes apply to ransomware actors who knowingly and repeatedly target hospitals, which would unlock sanctions, travel restrictions and diplomatic consequences.
“I worked on these issues for years at the FBI and we need to take it even further,” he said. “They need additional authorities and resources to be able to [do so].”
Some ransomware actors have deliberately avoided hospitals and critical infrastructure organizations, not because they were too difficult to attack, but because they immediately attract the attention of the FBI and other law enforcement agencies. In fact, some ransomware groups publicly ended their partnerships with affiliates who would use their encryption against hospitals.
Through The Registry
The best antivirus for all budgets
Follow TechRadar on Google News and add us as a preferred source to receive news, reviews and opinions from our experts in your feeds.
