After the South Francilien (CHSF) hospital center in Corbeil-Essonnes at the end of August, it was the turn of the Versailles (Yvelines) hospital, which since Saturday evening has been subjected to a cyber attack that seriously undermines its operations.
According to the Regional Health Agency (ARS), André Migno Hospital has launched its white plan, partially deprogrammed operating room operations, and is “doing its best” to maintain outpatient care and consultations.
The machines are working, but their “network connection” is not working.
Personnel have been mobilized to supplement intensive care or continuous care services and equipment has been brought in as reinforcements while the attack is “not yet limited,” Health Minister François Braun explained on Sunday evening after touring the facility.
The care machines are working, but not their “networking”, “so you need more people to monitor patients in the intensive care unit, you need a person in front of each room to watch the screens,” said Mr. Brown, who spoke. about the “complete reorganization of the hospital.”
“It’s troublesome, since this morning we have to redo everything on paper by hand, and doctors also have to manually prescribe all their medicines,” the three nurses explained on condition of anonymity.
The hospital, which had already been attacked in recent months but was prevented, “put itself into data protection mode,” the minister continued. Samu “didn’t get through” and “broke himself up to respond” in the event of a transfer, he continued.
“Challenge 15”
“Admission is extremely limited (…) those who have to go to the emergency room and live in the Versailles area, call 15,” Digital Transition Delegate Minister Jean-Noel Barraud said, sparking a “large-scale attack.”
According to the Minister of Health, since Saturday evening “there have already been six transfers of patients”, “the most severe” (three from intensive care and three from the neonatology department), and other transfers can take place.
The Paris prosecutor’s office opened a preliminary investigation into extortion, access and maintenance of the state’s digital system, data entry and obstruction of the system, all by an organized gang, he said. The complaint was also filed on Sunday by the hospital.
The investigation has been entrusted to the Gendarmerie Digital Crime Center (C3N), which will lead the investigation, and the Cybercrime Subdirectorate (SDLC) of the Judicial Police.
The software identified as the source of the attack belongs to a family of viruses known to cybergendarmes, according to a source familiar with the situation. Asked about a possible attack claim and a ransom demand, the ministers declined to answer this Sunday evening.
According to François Braun, in France “the healthcare system is under daily attack” and “the vast majority of these attacks have been stopped.”
Sequence of attacks
On August 22, the South Francilien (CHSF) hospital center in Corbeil-Essones, which provides medical care to almost 700,000 residents of the greater Parisian crown, became the target of a cyber attack.
The hospital was seriously disrupted for several weeks before returning to normal operations in mid-October. The attack was followed by a $10 million ransom demand, later reduced to $1 or $2 million.
On September 23, the hackers gave the hospital an ultimatum to pay the ransom. After this period, they distributed confidential data about patients, staff and partners of the institution on the dark web.
In recent years, hospitals and healthcare systems have been the victims of cyberattacks by hacker groups that have blocked or leaked sensitive patient information and disabled equipment. These hackers use ransomware or “ransomware” to exploit security flaws in their computer systems to encrypt and lock them before demanding a ransom to unlock them.
In 2020, at the height of the Covid-19 crisis, there were 27 cyberattacks on hospitals.
Not only in France
Cyber attacks on hospitals and healthcare systems have also targeted many foreign countries. In Germany in 2020, a Düsseldorf hospital break-in disrupted emergency care for a 78-year-old patient who died after being sent to a more distant city.
In May 2021, the Irish public health service HSE Ireland was forced to shut down its entire IT system.