120 hospitals in France affected by massive ransomware attack: health systems are down

Last August 10, network security specialists revealed a cyberattack incident targeting one of the hospitals of the French health company Ramsay Health, causing a computer blackout at the health care facilities, located in Marseille. However, experts say the cyberattack has been designed to compromise the security of all 120 hospitals in this group.

According to hospital officials, the malicious incident managed to block all computer systems on their buildings; although data theft is a possibility that they have considered in Ramsay Health, this could not be confirmed or denied yet. “Last Saturday we detected that our email server was not working, in addition to our systems being infected with malware,” mentions a statement from the hospital group.

The company’s network security experts also mentioned that information security, as well as patient health systems, have not been compromised during the incident. In addition, experts claim that the incident was contained on time and has already been reported to the authorities.

As for hospital management systems, Ramsay Health staff have been improvising some temporary solutions, such as the writing of prescriptions and health reports on pen and paper, at least while all affected systems are restored. “We implemented an information security incident handling protocol at the right time”, mentioned in the statement. “While it is not possible to operate all hospital systems at the moment, services will be restored as soon as possible.”

In subsequent reports, network security specialists reported that Ramsay Health received a ransom demand, suggesting an attempted ransomware attack. Company executives did not confirm this information, although it is known that a legal complaint has already been filed. Finally, the company mentioned that its IT team will have finished re-establishing affected systems over the weekend.

This is unfortunately not an isolated incident. Network security experts from the International Institute of Cyber Security (IICS) say incidents of cyberattacks against hospitals and other health care institutions have grown in a row in recent years, situation that already concerns companies and public entities.

Specifically on French territory, a cyberattack was detected last March that seriously affected the performance of more than 600 hospital devices in order to steal confidential information, unsuccessful intent, but which caused serious affected hospital, located in Montpelier. Another notable incident occurred at the Saint Denis Hospital Center, which earlier last year was attacked with a variant of the well-known WannaCry ransomware, which managed to infect hundreds of thousands of computers worldwide.

This is yet another example of the profitability that ransomware campaigns still have, plus, new variants of previously used encryption malware continue to appear steadily, ensuring cybercriminals the means to follow infecting companies around the world.