Hospitals in danger: cyberattacks and data hacking are exploding
There are countless public services affected by computer attacks: the agglomeration of Cognac, the cities of Chaville, Caen, the departments of Alpes-Maritimes and Seine-et-Marne… Since 2019, these then marginal events have become currency current. The objective is often the same, the ransom demand ranging from a few hundred euros to several million dollars, as was the case for theCorbeil-Essonne hospital in August 2022.
France under the threat of pirates
The health sector is also the most affected in France. Dozens of hospitals have been attacked, especially since the Covid crisis of 2020. As French policy is not to respond to ransom demands, these are more than 500,000 patient files that have been posted on Dark Web forums since these hacks began.
Cyberattack at the Corbeil-Essonnes hospital: with the forced return of paper and pen, the complicated daily life of healthcare teamshttps://t.co/IimapoTo6y pic.twitter.com/DykQoftzJR
— franceinfo (@franceinfo) October 4, 2022
An international phenomenon
France is not the only country affected by these attacks. We thus find in the list of victims of insurers, such as the Australian group Medibank, but also national emergency services. Thus, the NHS, the British health service, suffered a massive attack in 2017, forcing 45 hospitals to deprogram sometimes urgent interventions. Similarly, the HSE, the Irish equivalent of the NHS, was the target of ransomware in 2021, again causing a partial disruption of the healthcare system.
Massive NHS hack cyber attack today. Hospital in shut down. Thanks for delaying emergency patient care & endangering lives. Assholes.
— B (@brobertson2010) May 12, 2017
Beyond canceled appointments, the phenomenon has had dramatic consequences. Thus, in 2020, Germany had experienced a death following the hacking of the Düsseldorf hospital: a 78-year-old patient thus died following the impossibility of accessing the emergency services of the establishment.
In France, faced with this risk of attacks, theANSSI is working on a major outreach program. Thus, the National Agency for the Security of Information Systems seeks to raise the level of security, in particular for local authorities, which are not very aware of the dangers of the Web.