As Covid cases rose, so did hospital hacks in France

Filepic of healthcare workers adjusting medical equipment in the Intensive Care Unit (ICU) at the Centre Cardiologique du Nord private hospital in Saint-Denis, near Paris, amid the Covid-19 pandemic in France. — Reuters

FRANCE: At 2.00am on a day in early February, the deputy director of the main hospital in the southwestern French town of Dax took an urgent call from a normally unflappable colleague in the IT department.

"He's usually very calm, but I could tell in his voice that there was something very unusual," Aline Gilet-Caubere told AFP from her office.

The technician reported how personnel working overnight were suddenly unable to use their computers, which were flashing up a ransom note saying the hospital's systems had been hacked and encrypted.

The attackers made a classic demand: they would provide a key to reverse the damage upon payment in Bitcoin, and they supplied email addresses to arrange the transfer.

"We imagined we were a sanctuary as a hospital, with our role, that no-one would dare (target us)," Gilet-Caubere said. "But not at all, in fact. That's part of the psychological shock."

Unwilling and unable to pay, hospital managers had no choice but to order a return to the pre-internet, pre-computer era.

In the middle of the Covid-19 pandemic, paper records reappeared. Doctors took up pencils again and scribbled notes.

A manual system using stickers and flowcharts kept track of patients as they moved around.

There was no telephone system or email.

Payroll and supplier data were lost. All of the roughly 110-120 different software platforms run in the hospital were out-of-order.

And more than three months later, after weeks of chaos and frustration for medics, as well as months of work by specialised cybercrime technicians, the hospital is still not back to normal.

"We can't say when everything will be finished. We keep discovering problems," Gilet-Caubere said.

'Crisis in a crisis'

But the 2,200 staff at the Dax hospital were not the only ones to find themselves battling a public health emergency over the last 18 months and the worst technology outages of their careers.

Elsewhere in France, at least half a dozen other public hospitals have had their operations severely disrupted after being targeted by ransomware hackers since the start of the Covid outbreak in Europe in early 2020.

Cyrille Politi, chief technology advisor at the Hospital Federation of France, has no doubt that hackers have stepped up attacks - and have stepped over a moral line that made public hospitals mostly off-limits.

"It's a real paradigm shift," he told AFP.

According to French Digital Affairs Minister Cedric O, 27 hospitals experienced some form of cyberattack last year, including ransomware, while there was one per week on average in the first two months of the year.

In February, as alarm grew about the vulnerability of the health system, President Emmanuel Macron asked to be briefed personally by staff from Dax and Villefranche-sur-Saone.

He announced an extra billion euros for cybersecurity in the health sector, calling the spate of attacks at the height of the pandemic a "crisis within a crisis".


Though uncommon in France, attacks on hospitals have been a regular feature of global cybercrime for years, particularly in the United States.

"What these actors (hackers) are looking for across the board are targets that have an operational imperative," says Adam Meyers from US-based cybersecurity firm CrowdStrike.

"They target things like healthcare because healthcare is one of the unfortunate sectors where it's not a money decision, it's a life-or-death decision."

And in the US too, the pandemic was seen as a business opportunity by some hackers.

After dozens of attacks in late 2020, the FBI and US authorities warned about "credible information of an increased and imminent cybercrime threat" to hospitals and healthcare providers.

The bad news for hospitals, and other potential targets, is that ransomware attacks are becoming more sophisticated and more numerous.

Everything from information about the IT vulnerabilities of individual organisations to hacking and encryption technology is for sale online in closed criminal forums.

Gangs with names such as Evil Corp or DarkSide operate beyond the reach of Western law enforcement in Russia, or former Soviet republics, cybersecurity firms say.

The attack on the Dax hospital used a well-known malware called Ryak, and IT director Gilbert Martin said the hackers left "Russian traces".

But with the risks low, profits high, and the potential targets almost limitless, ransomware hacking is growing exponentially globally.

Victims made an estimated US$350mil (RM1.4bil) in payments in cryptocurrencies in 2020, an increase of 311% from 2019, according to specialised analysis company Chainalysis.

Earlier this month, DarkSide created fuel shortages in the US and extracted more than US$4mil (RM16mil) from Colonial Pipeline, a company carrying gasoline and diesel from the US Gulf coast to the northeast.

"Those who ply their trade in this multi-billion dollar sector are operating with almost complete impunity," Brett Callow from cybercrime firm Emsisoft told AFP.

For radiologist Nicolas Pontier at the Dax hospital, the experience of being unable to treat his cancer patients was a wake-up call that he hopes will be heeded by others.

"I never imagined I'd have to stop for two months," he said. "I thought in a week or two it would be sorted out. We still don't have a fully functional system." – AFP

Article type: metered
User Type: anonymous web
User Status:
Campaign ID: 46
Cxense type: free
User access status: 3
Join our Telegram channel to get our Evening Alerts and breaking news highlights

Next In Tech News

Opinion: Planning for a smart home future
How to protect your remote workers from drive-by cyberattacks
Are we taking zero trust too far in cybersecurity?
WhatsApp web: End of this feature after multi-device support? Know what spokesperson said
Amazon-backed Rivian in talks with ministers over UK factory -Sky News
Twitter is offering a bounty to help root out its algorithmic bias
World's first commercial re-programmable satellite blasts into space
Google wants to ban 'Sugar Daddy' apps.
'Papetura' is puzzle game made using footage of a real paper world
Four things that will save you if your phone gets stolen on holidays

Stories You'll Enjoy