Ransomware attack forces French hospital to transfer patients

25 Aug 2022

Image: © ipopba/Stock.adobe.com

The hospital has referred patients elsewhere as the cyberattack rendered various technical systems ‘inaccessible’.

A French hospital has been hit with a ransomware attack, forcing it to send patients to other institutions as it tries to fix its impacted systems.

The Centre Hospitalier Sud Francilien (CHSF) said an attack on its computer network was detected on 21 August.

The cyberattack made various systems “inaccessible” including business software, storage systems in areas such as medical imaging, and the info systems on patient admissions, according to a translated CHSF statement.

As a result of the attack, patients whose care requires access to the hospital’s technical systems have been redirected to other hospitals in the area. Those who present themselves to the emergency room are being evaluated by CHSF’s medical staff, and being transferred to other institutions if necessary.

The hospital, which serves an area of around 600,000 people, said that measures have been taken to care for those already hospitalised there. However, the “exceptional situation” is expected to have an impact on the operating room, as it is closely linked to the affected technical platform.

French paper Le Monde reports that a ransom of $10m was demanded by the hackers responsible. According to police sources, the investigation has been referred to the C3N cybercrime unit.

Targeting critical infrastructure

Cybercriminals have been increasingly targeting critical infrastructure in order to cause further pressure from their attacks and have their ransom demands met.

One of Greece’s largest natural gas distributors suffered a data breach this month as a ransomware gang tried to capitalise on Europe’s energy crisis, while there was an attack on a UK water supplier last week as the country faced drought conditions.

Healthcare is no exception, as the sudden risk to patients and need to keep operations moving can make hospitals a prime target for criminal gangs.

Earlier this month, the UK’s National Health Service suffered disruptions from a cyberattack, which targeted systems that facilitate patient referrals, ambulance bookings, out-of-hour appointments and emergency prescriptions.

Last year, the Irish health service suffered a “significant and serious” ransomeware attack that affected more than 80pc of IT infrastructure

Despite the dangers to critical infrastructure, an IBM report in July found that only 21pc of critical infrastructure organisations studied had adopted a zero-trust security model.

10 things you need to know direct to your inbox every weekday. Sign up for the Daily Brief, Silicon Republic’s digest of essential sci-tech news.

Leigh Mc Gowran is a journalist with Silicon Republic