Attackers Demand $10m Ransom From French Hospital

A major hospital in Corbeil-Essonnes, southeast of Paris, has been targeted by a cyber attack, causing major disruption to services. The hackers made its demands in English soon after the attack started late night on Saturday 20th August. Since the attack, clinicians have had to access data and write prescriptions by hand.

The hackers have demanded a $10 million ransom to unblock the system, but the hospital’s director says it will not pay. The attack is being investigated by the Centre for Combating Digital Crime (C3N) a division of the gendarmerie

The hospital has a 1,000 bed capacity and covers a population of about 600,000 in the Ile de France region. 
It triggered a “white plan” emergency operation on Sunday 21st August, following the start of the attack to ensure some health services could be maintained.

The IT system at the hospital centre in Corbeil-Essonnes has been virtually paralysed by a cyber attack. Non-critical services have had to be directed elsewhere, and staff are now working with limited resources. "Each day we need to rewrite patients' medications, all the prescriptions, the discharge prescriptions," said Valerie Caudwell, the president of the medical commission of the CHSF hospital... For the nurses, instead of putting in all the patients' data on the computer, they now need to file it manually from scratch."

"You know the hospital would not pay, has not paid and will not pay this type of ransom," said CHSF director Gilles Calmes.

Police specialising in cyber crime are investigating. Cyber attacks targeting hospitals in France have been increasing recently, with 380 last year, a 70 percent rise from 2020. Paris prosecutor's office has opened an investigation into the hacking of the hospital's computer system and the attempted extortion by an organised gang.
According to the prosecutor's office, the investigation is being spearheaded by the gendarme's Centre for Combating Digital Crime division.

This latest cyber attack is once again aimed at a hospital, a sector that has consistently been the target of ransomware attacks. For several months, French hospitals have been under fire from cyber criminals. In April, the computer systems belonging to nine of the hospitals in France’s Grand Est region also experienced ransomware attacks.

France24:   Techmonitor:   Le Monde:  RFI:   Cybertalk:   Information Security BuzzBitDefender:   Dark Reading:

You Might Also Read: 

Update: British NHS Confirms A Damaging Software Attack:

 

« Healthcare Ransomware Attacks Have Almost Doubled
It's Just Good Business To Collaborate With A Web Data Collection Partner You Can Trust »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Securi-Tay

Securi-Tay

Securi-Tay is an information Security conference held by the Ethical Hacking Society at Abertay University, Dundee.

Hewlett Packard Enterprise (HPE)

Hewlett Packard Enterprise (HPE)

HPE is an information technology company focused on Enterprise networking, Services and Support.

GTB Technologies

GTB Technologies

GTB Technologies is a cyber security company that focuses on providing enterprise class data protection and data loss prevention solutions.

Glasswall Solutions

Glasswall Solutions

Glasswall Solutions has developed a disruptive, innovative security technology which provides unique protection against document based cyber threats.

Mega

Mega

Mega is a secure cloud data storage provider with browser-based high-performance end-to-end encryption.

Cyber Security Capital (CS^)

Cyber Security Capital (CS^)

Cyber Security Capital is a consultancy helping to mobilise and empower individuals, corporate leaders and entrepreneurs in cyber security.

Cyberia Group

Cyberia Group

Cyberia is a leading Internet and Security services provider with operations in Saudi Arabia, Lebanon and Jordan.

Assystem

Assystem

Assystem delivers a comprehensive security approach for the industrial and service sectors that integrates physical security systems, industrial cyber-security, functional safety and dependability.

Envieta

Envieta

Envieta is a leader in cryptographic solutions. From server to sensor, we design and implement powerful security into new or existing infrastructure.

Towerwall

Towerwall

Towerwall offers a comprehensive suite of security services and solutions using best-of-breed tools and information security services.

Strike Graph

Strike Graph

The Strike Graph GRC platform enables Security Audits & Certifications.

Fluid Attacks

Fluid Attacks

Fluid Attacks specialize in red team operations as well as technology development that continuously enhance our security testing services.

Trellix

Trellix

Trellix is an extended detection and response (XDR) solutions provider created from a merger of McAfee Enterprise and FireEye Products.

Skyhigh Security

Skyhigh Security

Skyhigh Security enables your remote workforce while addressing your cloud, web, data, and network security needs.

Prembly

Prembly

Prembly are a compliance and security infrastructure company.

SPIE Switzerland

SPIE Switzerland

SPIE Switzerland AG, a subsidiary of the SPIE Group, is a Swiss full-service provider of ICT, multi-technical and integral facility services.