Cybercrime and hospitals

Recently on the computer hacking of the hospital of Oloron-Sainte-Marie which was the news in the field of computer hacking of a health facility.

The computer attack lasted precisely 36 hours. It was apparently targeting the hospital's Android systems.

This article will also interest you: Computer security: protecting yourself effectively from ransomware, myth or reality for hospitals

In the same vein the hospitals of Villefranche and Dax were also hit much earlier in the month.

If in 2020, if it were American hospitals that were at the heart of this wave of computer hacking directed against health institutions, it would seem that 2021 is destined for French hospitals in some way.

The attack on the hospital in Oloron-Sainte-Marie is as usual based on a ransom program. According to the French news agency, it was last Monday that the cyberattack was detected by the computer services of the health facility. Hackers demanded payment of a $50,000 ransom payable in bitcoin in exchange for the decryption key.The authority of the hospital did indeed refuse to pay this amount. The consequences of the computer attack are the same as everywhere. The slowdown of the system, the postponement of certain operations, the use of analog means for exchanges and transmissions of information. According to the French news agency, the vaccination process against Covid will have to be blocked. The hospital says it has lodged a complaint with the relevant authorities. Namely the gendarmerie and the National Information Systems Security Agency. The latter dispatched officers to assist in the process of setting up the hospital's systems. The Paris prosecutor's office has been tasked with investigating the cyberattack.

All that can be remembered in this story, the hospital of Oloron-Sainte-Marie is just one victim among many.

"It's not really a novelty in itself. The innovative element we see is the frequency of these attacks since the beginning of the year," notes Loïc Guézo, Secretary General of the Computer Security Professionals Club. The remark was also made by the French government, which immediately sent a plan to accompany health facilities in France.

The question that experts are currently asking is what could have motivated the explosion of computer attacks of this kind, especially against French hospitals. "The attacks on French hospitals in 2021 are a simple copy/paste of those that targeted American hospitals in 2020. French institutions, which are highly controlled public structures from an accounting point of view, are less willing to pay the ransom. On the other hand, American hospitals, which have a slightly different culture, were much more willing to pay. explains Loïc Guézo. "As U.S. hospitals have reviewed their cybersecurity devices following last year's incidents, attackers are moving quite naturally to health facilities in other countries, hoping to carry out similar operations. ».

Among the attempts to respond to explain the situation, it was argued that the lack of security of the computer systems and networks of French hospitals was made as an argument. In this regard, report provided by the National Information Systems Security Agency produced on 22 February has made a very dramatic picture of the computer security of the hospital sector.

"This is a problem that hospital experts often mention, there is a gap between the level of investment in health facilities and their level of safety," says Loïc Guézo. "These are often black boxes, which cannot always be patched or used with security software at the risk of losing the warranty. ».

However, these security problems are not immune to computer hacking. They know exactly where to strike to make it exactly the way they want it to be.

"In ransomware, we have gone from a modus operandi where attackers targeted a completely random position to criminal attacks that seek to lock down the entire computer fleet and demand ransoms accordingly," says Loïc Guézo. "The days of luck-free attacks, Locky-style, are over: today ransomware attacks go through several phases involving highly specialized players in each stage, and the attackers who trigger the ransomware generally know very well who they are dealing with when they open negotiations with the victim. our expert.

Now access an unlimited number of passwords: