Bon sang! French hospital contracts 6,000 PC-locking ransomware infection

Good news? They're not paying the ransom

Woman in hospital (in hospital gown) covers face with hands

A French hospital has suffered a ransomware attack that reportedly caused the lockdown of 6,000 computers.

Rouen's Centre Hospitalier Universitaire (CHU) reverted to pen and paper instead of computerised record-keeping during last week's attack, according to Le Monde.

The attack, which took place on Friday November 15 at around 1900 local time, according to a hospital statement (en Francais) "made access to most business applications inaccessible, but also infected some of the workstations."

"Many services operated in degraded mode and hospital staff were confronted with disruptions, particularly in regards to computerised prescriptions, reports or admissions management, which instead had to be operated in a degraded state, [or had to be transmitted via] telephone or paper," continued the official statement.

Hospital managers reported a person named only as "X" to the Paris prosecutor's office, alleging she or he had committed "fraudulent access to an automated data processing system and attempted extortion".

The BBC added that the hospital had vowed not to pay the ransom.

Zulfikar Ramzan, chief technical officer of RSA Security, blamed "digital transformation" for the rising popularity of ransomware, elaborating: "While this has brought with it many benefits, organisations have become reliant on these digital technologies; loss of data can be a critical issue, making ransoming that data a much more profitable business... Unfortunately, this means we are seeing a lot of hits against organisations where data is critical – such as hospitals."

Cesar Cerrudo, chief techie of rival biz IOActive, opined: "Sadly, the targeting of hospitals with ransomware is a growing trend; earlier this year seven hospitals in Australia were also impacted by ransomware. Hospitals are becoming a major target as despite new technology adoption being high, there is often a lack of cyber security knowledge, even though health data can be a very lucrative area for cybercriminals. This makes busy hospital staff the perfect targets."

Last year an American hospital paid a $60,000 ransom to end an infection and get its files back. ®

Sponsored: From CDO to CEO

SUBSCRIBE TO OUR WEEKLY TECH NEWSLETTER




Biting the hand that feeds IT © 1998–2019