BET À DAY
Activity disrupted in the emergency room and in surgery, patients redirected: a hospital center in the south-east of Paris has been the victim of a computer attack since the night of Saturday to Sunday, according to the establishment, to which the or the hackers are demanding a ransom of 10 million dollars.
“The IT specialists noticed a malfunction. They said to themselves that it was a breakdown (…) but when there was a ransom demand of 10 million dollars, they understood”, testifies the director of the hospital, Gilles Calmes.
The ransom demand was made in English, a police source said. In vain, since French public hospitals cannot pay a ransom because of their status.
This cyberattack against the Center hospitalier sud-francilien (CHSF), in Corbeil-Essonnes, makes “for the hour inaccessible all the hospital's business software, storage systems (including medical imaging) and the information system relating to patient admissions”, had indicated earlier the establishment, in a press release sent on Monday .
An investigation for intrusion into the computer system and attempted extortion by an organized gang has been opened to the cybercrime section of the Paris prosecutor's office.
According to a close source, “a ransomware family has been identified”.
Opened in 2012 and with a capacity of a thousand beds, this hospital center provides health coverage for nearly 600,000 inhabitants.
“Since yesterday (Sunday, Ed. ), the CHSF has made every effort to ensure that all urgent care is satisfied”, according to Mr. Calmes.
But new admissions are complicated, and emergency patients “are directly referred” to other establishments in the region. Deprogramming of the operating theater is to be feared.
The hospital center has launched a “white plan”, an emergency plan to ensure continuity of care.
It is not the first time that a hospital has been targeted, a wave of cyberattacks targeting the French and European hospital sector for around two years.
In 2021, on average, one incident per week occurred in a healthcare establishment in France, according to official data.
Thus, in April, a malicious attack targeting the information system of the Groupement Hospitalier de Territoire (GHT) Coeur Grand Est had affected nine establishments and in March, a hospital in Ajaccio, in Corsica (south), had also been the victim of a ransomware cyberattack.
In 2021, hospitals du sud-ouest in Dax (Landes), Saint-Gaudens (Haute-Garonne) and Oloron-Sainte-Marie (Pyrénées-Atlantique) had also been victims of cyberattacks, disrupting or causing the closure of their IT services.
According to experts, cybercriminals act either blindly, randomly targeting any computer system they manage to break into, or because they are inspired by examples of attacks against American hospitals , often private establishments with a budget allowing them to pay ransoms.