The attack, which began overnight from Saturday to Sunday, forces the hospital to transfer patients requiring technical intervention to other establishments in Île-de-France.
The South Francilien Hospital Center (CHSF) in Corbeil-Essonnes is the victim of a computer attack which began in the night from Saturday to Sunday around 1 a.m., seriously disrupting its activity, in particular in the emergency room and in surgery, according to a press release from the establishment, confirming information from RMC. A ransom demand of 10 million dollars, formulated in English, was demanded by the hacker or hackers, revealed a police source to AFP.
An investigation for intrusion into the computer system and for attempted extortion in an organized gang has been opened to the cybercrime section of the Paris prosecutor’s office. The investigations were entrusted to the gendarmes of the Center for the Fight against Digital Crime (C3N), added the prosecution.
Read alsoHackers demand a ransom of 1.2 million euros from a hospital in the Marne
The Essonne hospital center triggered a “plan blanc», an emergency plan to ensure continuity of care. “The computer scientists noticed a malfunction. They thought it was a failure (…) but when there was a ransom demand of 10 million dollars, they understood“, testifies the director of the hospital, Gilles Calmes. The hospital’s business software, storage systems (including medical imaging) and the information system relating to patient admissions, have been made inaccessible according to management. Despite this degraded mode which requires the use of paper records, hospitalized patients are not affected, said management.
Patients referred to other hospitals
Patients whose care requires access to the technical platform are redirected to public hospitals in Île-de-France. Those presenting spontaneously to the emergency roomare assessed and then possibly sent to the medical care center of the Sud Francilien hospital center“, According to the press release.
For patients hospitalized at CHSF, “the medico-technical departments (in particular medical biology) are able to work in short-term in degraded mode“. The establishment “makes every effort to maintain outpatient care“, he promises, but”on the other hand, this exceptional situation should have an impact on the activity of the operating room». «This attack does not impact the operation and security of the hospital building“, reassures the hospital center which specifies that “all the networks remain in operation (telephone with the exception of fax, automated distribution flows, etc.).»
This degraded mode obliges the staff to return to the “paper file and pen“For patients already hospitalized, confirms to AFP Medhy Zeghouf, Deputy Mayor of Évry-Courcouronnes and Chairman of the CHSF Supervisory Board. “Some devices and systems are indeed disturbed, there will be deprogramming of acts and operations“, he adds. “You can no longer register a single patient“, Testifies on the spot Franck Banizette, union representative Sud Santé adding that “only vital emergencies are taken care of».
Read alsoThe lucrative business of a 22-year-old hacker, multiplying cyberattacks against SMEs
Contacted by AFP, the management did not wish to comment on this text. In April 2022, a cyberattack against the information system of the Groupement Hospitalier de Territoire (GHT) Cœur Grand Est had affected nine establishments and last March, a hospital in Ajaccio had also been the victim of a “ransomware cyberattack».
Sheer loss
The Minister of Health, François Braun, judged on Twitter the attack of “unspeakableand said he was waiting for legal action against the perpetrators. The Paris prosecutor’s office has announced the opening of an investigation for intrusion into the computer system and attempted extortion by an organized gang, supervised by its cybercrime section. The investigations were entrusted to the gendarmes of the Center for the Fight against Digital Crime (C3N), added the prosecution. The National Authority for the Security and Defense of Information Systems (Anssi) has beenquickly seized by the crisis unit“, he added.
According to a close source,a ransomware family has been identified“. This cyberattack once again targets a hospital, a sector that has been hacked for two years via ransomware. In 2021, Anssi recorded an average of one incident per week in a health establishment. But French public hospitals cannot pay a ransom because of their status and attacks against them are thus wasted because cybercriminals will not get any compensation, regardless of the damage caused.
Read alsoNexeya, the French specialist in electronics for industry, victim of a “serious cyberattack”
Experts say cybercriminals either act blindly, randomly targeting any computer system they manage to break into, or because they are inspired by examples of attacks on US hospitals, institutions often deprived of the budget allowing them to pay ransoms. To fight against this growing phenomenon, the State devoted in the wake of the Covid-19 epidemic an envelope of 25 million euros to the cybersecurity of health establishments. At the same time, 135 hospitals have been designatedessential service operators», which requires them to comply with more stringent cybersecurity rules than ordinary institutions.
SEE ALSO – Cyberattacks: how big is the Russian threat?