Panic at Dax hospital: since Monday, the establishment has been paralyzed by a large-scale cyberattack. Hackers have taken control of the servers and demand a ransom to restore access to the data. Everything is running slowly, for example, staff cannot access e-mail or read digital patient records. This is not an isolated case: cyber attacks against hospitals are increasing in France. Europe 1 investigated this new phenomenon against which cybersecurity actors, public and private, are trying to organize.
Why are hospitals increasingly targeted?
One figure illustrates this phenomenon well: + 500% in one year, worldwide, for cyber attacks targeting healthcare establishments, according to the PwC firm. France is no exception to this notable increase. Like everywhere else, for a long time, hospitals were spared from cybercriminals who instead targeted individuals and businesses. The first big alert, in France, was the attack targeting the Rouen University Hospital in November 2019. But the tipping point is the start of the Covid crisis. AP-HP was targeted during the first lockdown and since then cyber attacks have become more frequent.
“Computer attacks, especially those against hospitals, are a question of opportunity. We are in a period of a global pandemic, hospitals are overloaded and that makes them easy targets for hackers”, explains Thomas Roccia, researcher for cybersecurity specialist McAfee. In fact, when the intensive care units are saturated, carrying out regular computer updates is a bit of a worry for the staff. “There is a psychological barrier that has fallen, as if there were no more limits for cybercriminals,” said Cyrille Politi, digital advisor for the Hospital Federation of France.
Who are the hackers who attack hospitals?
These attacks are carried out by “teams of cybercriminals, very organized, methodical”, specifies Orange Cyberdéfense, the cybersecurity division of the operator, European leader in the sector, contacted by Europe 1. “In some cases, these teams are directly linked to classic crime. In the case of Dax, the method is used has been known for years, it is known to be popular with groups in Eastern Europe. ” The goal is almost always the same: money. “The amount of ransoms is around tens or even hundreds of thousands of euros,” according to Orange Cyberdéfense.
The most common method is “ransomware”. Through various means (attachment in an email, infected USB key, corrupted link, etc.), hackers create a gateway to a computer. From there, they access the hospital server and encrypt all of the data. They are not deleted, just made inaccessible. As if a burglar broke into your home while you were away, changed the lock on the front door and only agreed to give you the key in exchange for a ransom. “Sometimes, they infiltrate in several hours, sometimes in several weeks to do even more damage”, explains one at Orange Cyberdéfense.
What are the consequences of cyber attacks?
For the establishments concerned, the harmful effects are sometimes considerable: inability to consult patient files, postponement of operations, or even in the most serious cases, transfer of patients to other establishments. For the moment, in France, we see above all the less serious consequences. “These are mainly blocked servers therefore inaccessible files”, according to Cyrille Politi, of the Hospital Federation of France. In this type of case, it still takes one to two weeks to regain control of the servers and several weeks or even several months to rebuild the entire computer system.
The growing importance of connected health, with IT infiltrating into operating rooms, means that the risk will become exponential for the next few years. “With 5G and connected objects, there will be more attacks,” says Philippe Trouchaud, head of cybersecurity activities at PwC France. “We cannot go against this digitization, we must therefore learn to live with this new delinquency and be ever more rigorous in the maintenance of computer systems.”
Are hospitals armed to deal with attacks?
French hospitals are no more or less secure than those in neighboring countries. The problem is rather due to the lack of human and financial resources allocated to IT security. “It’s a budget that is too often overlooked. You need full-time positions for maintenance. Buying equipment is one thing, but the main thing is to update it regularly. People forget it too much. often, “says one at Orange Cyberdéfense. “Updates and strong passwords are the basis. 99.9% of attacks could be avoided with better ‘IT hygiene'”, insists Philippe Trouchaud of PwC.
The problem is that each hospital is organized in its own corner. And not everyone keeps up with the hackers. “We play cat and mouse. We get hacked, we find a solution to protect ourselves and then hackers find a new technology or a new flaw,” sighs Cyrille Politi. “We use so much software. We make the updates, but sometimes they have flaws that even the publisher does not know. Microsoft has sometimes discovered flaws in its software when they were used by hackers for months.”
What is France doing to counter cyberattacks?
France is not lagging behind in cybersecurity, far from it. The National IT Systems Security Agency (ANSSI) is considered a big name in Europe with hundreds of specialists in its ranks, including former hackers. It intervenes in each serious cyber attack, mainly when the State is directly targeted, but also to help strategic companies. A team was dispatched to Dax to accompany the hospital teams. In some cases, Anssi also relies on private players, in particular Orange Cyberdéfense. “With hospitals, part of the work is done upstream to strengthen defenses,” says the company.
“The tools deployed by France are among the most advanced in the world,” said Philippe Trouchaud, head of cybersecurity activities at PwC France. There remains the human factor, uncontrollable: an attachment opened inadvertently, access given to the wrong people, etc. To avoid these errors, the firm provides training for managers of health establishments. “We must make all stakeholders aware of good cybersecurity practices, these are simple actions that can make a big difference.”
Source site www.europe1.fr