French Hospital Offline After Ransomware Attack

A hospital in France has been hit by a ransomware attack that knocked its computer systems offline, forcing staff to resort to good old fashioned pen and paper.

The attack on the 1,300 bed University Hospital Centre (CHU) in Rouen was revealed by the hospital in a posting on Facebook. The hospital admitted to “very long delays in care”, the AFP news agency reported.

Ransomware has enjoyed successful attacks recently against hospitals, cities, local governments and other organisations. Perhaps the most famous healthcare attack was the WannaCry ransomware attack, that struck worldwide in May 2017.

Healthcare attack

The global WannaCry ransomware attack disrupted operations at around 34 NHS trusts, preventing staff from accessing patient data and carrying out critical services.

Meanwhile medical staff at CHU were forced to abandon PCs as ransomware had made them unusable, a spokesman told the BBC.

Instead, staff returned to the “old-fashioned method of paper and pencil”, head of communications Remi Heym was quoted as saying.

The hospital insisted on its Facebook post that no patients were endangered as a result of the cyber-attack.

At this stage there are no details about the the strain of ransomware used in the attack, but it is said that servers and many desktop PCs were knocked out of action by the attack.

The hospital also said that no medical or personal data has gone missing as a result of the attack, and France’s national cyber-crime agency, ANSSI, helped limit the scale of the outbreak.

The good news is that no ransom was paid, and a formal investigation into who was behind the cyber-attack has been initiated by French police.

Phased defences

Security experts lamented that ransomware attacks against hospitals is not uncommon, mostly down to a lack of funding for adequate security protection.

“Over the course of the year, it has not become unusual to hear of hospitals being crippled by ransomware,” said Javvad Malik, security awareness advocate at KnowBe4.

“An overall lack of funding in security is usually a major contributing factor, with many hospitals running old or outdated systems which are easy to compromise,” said Malik. “The big question to be looking at is how ransomware gets into hospital networks. In the majority of cases, this will either be through unpatched software or through social engineering, typically a phishing email.”

“Therefore, to minimise the likelihood of ransomware getting onto systems, it’s important that hospitals start by focussing on these two common attack avenues,” he said.

Another expert highlighted the five phases of defences that organisations need to employ to protect themselves.

“Understanding what happens at each phase of a ransomware attack, and knowing the indicators of compromise (IOCs) to look for, increases the likelihood of being able to successfully defend against – or at least mitigate the effects of – an attack,” said Andrew Hollister, senior director of LogRhythm Labs.

“The five phases of defense against ransomware are preparation, detection, containment, eradication and recovery,” said Hollister. “Large scale outbreaks result from inadequate containment – where the local host needs to be immediately blocked and isolated from the network, which prevents additional files on the network from being encrypted.”

Another expert said that due to the critical nature of the work that hospitals do, they will continue to be targets.

“The healthcare sector faces a huge demand for its patient files from cyber criminals,” said Chris Ross, SVP sales, international at Barracuda Networks.

“This is because healthcare records holding sensitive and personal data are 100 times more valuable than stolen credit card details,” said Ross. “Hospitals in particular cannot afford disruption of their operations which means that if they get hit by a ransomware style attack, they have to negotiate with criminals and pay the ransom. Of course, attackers know this only too well, which is why they continue to focus their efforts on the healthcare sector.”

“While the digital security in many medical devices has yet to be standardised, hospitals and other medical facilities cannot just wait until devices become secure and safe,” said Ross. “They must build resilient infrastructures that protect their patients from attack and exploitation.”

Do you know all about security? Try our quiz!

Tom Jowitt

Tom Jowitt is a leading British tech freelancer and long standing contributor to Silicon UK. He is also a bit of a Lord of the Rings nut...

Recent Posts

Boeing Starliner Launches Successfully, On Route To International Space Station

Boeing's crewless space taxi, CST-100 Starliner, one step closer to NASA certification, as it enters…

1 day ago

Apple Accused By Union Of Staff Law Violations At NY Store

Staff at Apple's World Trade Centre store in New York are allegedly being questioned and…

2 days ago

Canada To Join Five Eyes 5G Ban On Huawei/ZTE

Making it official. Canada is to turn its unofficial ban on 5G kit from Huawei…

2 days ago

Twitter To Hide Tweets That Share False Information During A Crisis

Potentially risking Elon's wrath over free speech, Twitter says it will hide tweets spreading misinformation…

2 days ago

Boeing Starliner Test Flight Readied For Tonight

Third time the charm? Main rival to SpaceX's Dragon capsule, the embattled Boeing Starliner spacecraft,…

2 days ago

September 13 Slated For iPhone 14 Launch – Report

No surprise there. Apple is slated to launch the iPhone 14 on 13 September according…

2 days ago