Skip to main content
France - cyber crime

Paralysed French hospital fights cyber attack as hackers lower ransom

A hospital southeast of Paris has been crippled by an ongoing cyberattack, drastically reducing the number of patients who can be admitted and forcing a return to pre-digital workflows. Security experts are trying to retake control of the computer system as ransom negotiations continue.

Computer engineers in the crisis centre at the hospital in Corbeil-Essonnes, south of Paris.
Computer engineers in the crisis centre at the hospital in Corbeil-Essonnes, south of Paris. AFP - EMMANUEL DUNAND
Advertising

The GIGN elite tactical force of the French gendarmerie is involved in negotiating with the hackers who targetted the Corbeille-Essonnes hospital 10 days ago.

The attack has blocked access to all medical imaging storage and patient admissions systems.

GIGN negotiators, who usually work on counter-terrorism and hostage release operations, have been communicating with the attackers via the Protonmail secure email service.

According to the Parisien newspaper, they have managed to talk down the ransom from $10 million to $1 million.

France won't pay

Even if the ransom has been negotiated down, the hospital will not pay.

"Even if they ask for 150,000 euros, we will not pay. That is the rule that has been established,” the president of the board of the hospital, Medhy Zeghouf, told Le Parisien.

But the negotiations buy time for investigators who are trying to locate the attackers and regain access to the data.

The attack appears to be the work of the Lockbit group of Russian-speaking hackers, who have been behind several similar cyber attacks elsewhere in the world, notably in the United States, where private clinics are more likely to pay ransoms than hospitals in France.

Back to analogue

The hospital, meanwhile, continues to function, but at half capacity. Some 500 patients, including 13 children, have been transferred to other institutions.

Those patients left are being treated by doctors forced to communicate with pre-digital tools.

As digital security experts work to create a secure digital bubble around the hospital, staff have been prohibited from plugging in their computers.

Those most affected are the imaging services and the blood work laboratory, which have had to resort to burning data onto DVDs to share information.

And it takes five times as long as usual to fill a pharmacy prescription, which needs to be prepared by hand.

The hospital does not expect a return to normal before several weeks, if not months. And the cost of the transition back to the analogue world has cost 2 million euros so far.

Hospital security

"It’s a particularly offensive attack because it affects the most fragile,” said Health Minister François Braun on a visit to the hospital on Friday, where he announced an additional 20 million euros to help health facilities protect their data.

The state had already allocated 25 million euros to address growing cybersecurity threats to health facilities, for 2021 and 2022. The extra money announced will allow France to double the number of facilities which have proper security to protect against these types of attacks.

Digital Transition Minister Jean-Noël Barrot said the frequency of attacks on French health facilities is declining, from nearly one a week in 2021, to half that in the first six months of this year.

Daily newsletterReceive essential international news every morning

Keep up to date with international news by downloading the RFI app

Share :
Page not found

The content you requested does not exist or is not available anymore.