The hospital sector in the face of the computer threat

The pandemic has caused a great deal of confusion in the health field.

Coronavirus/CoVid-19 is a health crisis that has forced almost the entire world to confine itself for several months. To take some rather unprecedented measures on a large scale, especially telework. This has led in an exceptional way to the massive use of digital solutions. In view of this, cybercrime has welcomed this.

Computer attacks have exploded. All structures are at the mercy of potential cyberattacks without really knowing how to protect themselves effectively. Many solutions related to COMPUTER security and remote collaboration have therefore been developed. The hospital sector, which is much more vulnerable, is exposed because of its extreme demand and weakness in security policy.

This article will also interest you: In the midst of the coronavirus pandemic crisis, a Czech hospital is the victim of a computer attack

"Several Ransomware gangs w[logiciels de rançon ou logiciels d’extorsion – NDLR]ill stop their attacks on health organizations during the pandemic" (1). The specialist media outlet BleepingComputer could be found.

In the shadow of the coronavirus, another epidemic or even a skin our pandemic was progressing and doing more damage. Despite the promise of many cyber criminals not to attack health institutions and hospitals, unfortunately, these same structures are much more attacked like businesses. It must be noted that the promise has not been kept, at least by a certain party.

According to the European IT security company, BitDefender, there was "an increase of more than 4[des actes malveillants, NDLR]75% in March compared to February".

In early April, Interpol, the International Organization for Police Cooperation, openly expressed concern about a rather dramatic situation. Several other personalities were quick to point out all the computer attacks that directly target health organizations.

Sometimes these attempts at computer attacks can be foiled. As was the case in Romania thanks to the intervention of a group of hackers called "PentaGuard". But that hasn't deterred cybercriminals who have launched new attacks, some of which have reached their goal.

In France, for example, this is considered to be one of the biggest computer attacks on health institutions on 22 March, affecting the computer systems of the Public Assistance – Hospitals of Paris (AP-HP).

"The one-hour attack was handled by the AP-HP provider and never reached its infrastructure," the institution's press service said a few hours later, noting that the provider "decreased internet access, which resulted in blocking external access to messaging, Skype and external access to AP-HP applications."This action, together with the blocking of several accesses from external areas throughout Europe, has also helped to limit in some way the significant consequences of the cyber attack. The problem is that this is not the first cyberattack affecting Public Assistance – Hospitals of Paris. Like health organizations around the world, these computer systems are constantly targeted by attempted intrusions and attacks of all kinds.

To minimize the computer risks caused by the rise in cyber attacks, all stakeholders should be made aware of the practice of good deeds and good digital hygiene behaviours. In addition, the tools to increase its protection internally are increasingly available, not to mention specialists who have always made it their profession. Moreover, it must be said that since 2017, the state has forced health facilities to report computer incidents they suffer. Whether accidental or malicious. "The information feedback is a service to the community," Noted Philippe Loudenot a few months ago. "We must not be ashamed, there is no value judgment or stigma," stressed the FSSI, which he said "everyone is being hacked, even the Élysée, Matignon and big business".

The Digital Health Agency (ANS) recorded in just one year, as described in the 2019 edition of its "Observatory of Reports of Safety Incidents of Information Systems for the Health Sector", "nearly 400 incidents" and "seventy requests for support" made by health organizations to its cyber safety unit.

There has been a fairly gradual and permanent evolution of the figures on organizations seeking the help of the Digital Health Agency. This, of course, corresponds to the rise of cyber-malveillance actors. "In a context where the threat continues to grow and adapt, cyber security at the scale of each health structure has become a national priority," Dominique Pon, the minister's head of digital health, and Laura Létourneau, a ministerial delegate for digital health, wrote in the latest ANS Observatory.

Now access an unlimited number of passwords: