9c2cd866f7a90f07c79e51b7e0523c86
Eradicate Windows From Hospitals
Creative Commons Attribution-No Derivative Works 4.0
THIS 2020 series about Windows inside hospitals was based on whistleblowers. It attracted a lot of attention at the time.
The Hospital Centre of Versailles -- which consists of Andre-Mignot Hospital, Richaud Hospital and the Despagne Retirement Home -- was affected by the hacking attempt, said the complex's management. The regional health agency (ARS) said the Andre-Mignot Hospital had cancelled operations, but was doing everything possible to keep walk-in services and consultations running.
Although not mentioned explicitly in reports so far, the attack on the 700-bed hospital looks to be the work of ransomware actors.
If so, it follows a major ransomware attack on another facility near Paris in September this year. The Centre Hospitalier Sud Francilien (CHSF) in Corbeil-Essonnes was forced back to pen and paper after being hit with a $10m ransom demand by the LockBit 3.0 group.
A few months earlier, the GHT Cà âur Grand Est hospital group said it had been forced to cut internet connectivity to its Vitry-le-François and Saint-Dizier hospitals after receiving a $1.3m ransom demand.
The Paris prosecutors' office has opened a preliminary investigation into attempted extortion, as well as the access and maintenance of the state's digital system. The hospital had also filed a formal complaint Sunday.
For several months now, hospitals and health systems in France have been targeted with such cyberattacks.
A hospital southeast of Paris has been crippled by an ongoing cyberattack, drastically reducing the number of patients who can be admitted and forcing a return to pre-digital workflows. Security experts are trying to retake control of the computer system as ransom negotiations continue.
Some systems at One Brooklyn Health System's three hospitals - Interfaith Medical Center, Brookdale Hospital Medical Center and Kingsbrook Jewish Medical Center - were taken offline Nov. 19 following an incident about which little is publicly known.
Sources tell Information Security Media Group that the organization has been tight-lipped with other area hospitals about the cause of the outage, which is suspected to involve ransomware.
It’s unclear what data the attackers may have accessed, or what their motives were. The hospital itself hasn’t said what data — or whose — may have been compromised. On Monday, police in the Indian capital, where the hospital is located, said it was unaware of ransom demands in response to local media reports that 2 billion rupees ($24.5 million) had been demanded.
The All India Institute of Medical Sciences -- a hospital that’s traditionally treated the country’s top politicians -- has succumbed to a ransomware attack that’s shut down centralized records, people familiar with the matter said.
Mathew Schwartz: What is a ransomware attack called if it's ransomware, but an organization that's fallen victim doesn't want to call it ransomware? Some companies have become expert at spinning as in using corporate speak or weasel words to avoid having to ever say the word ransomware. To a raft of press statements or data breach reports from companies that talk about suffering unexpected downtime, or perhaps a cybersecurity incident, the word cyberattack is another favorite. What's going on here? Companies aren't comfortable saying they've been hit by ransomware. That's despite the volume of ransomware attacks appearing to have recently declined, at least against the healthcare sector.