France to boost cyberdefense after hospital malware attacks

French President Emmanuel Macron has unveiled a plan to better arm public facilities and private companies against cybercriminals following ransomware attacks at two hospitals this month

Macron discussed the attacks with officials and workers from both hospitals, saying the incident “shows how the threat is very serious, sometimes vital.”

“We are learning about these new attacks, some coming from states as part of new conflicts between nations, others coming from mafias,” the French leader said during a videoconference. Some attacks have “criminal” or “lucrative” motives, others are used to “destabilize” countries, he added.

Macron referred to a massive hack of U.S. federal agencies last year and to the stealing of vaccine documents from the European Medicine Agency in November.

Macron’s office said the government will earmark about 500 million euros ($603 million) to help boost cyberdefense systems in the public and private sector.

During ransomware attacks, cybercriminals infect computers or computer systems with viruses that scramble and lock data until the targeted users pay a ransom.

The hospital in Villefranche-sur-Saone, located north of the city of Lyon, said its phone system went down during a cyberattack on Monday that forced a preemptive shutoff of the internet service and other networks to keep the ransomware from spreading.

The hospital also had to postpone surgeries planned for the following day. but said patient safety was preserved.

The Dax hospital in southwestern France reported a similar attack last week. Without phones and computers working, health care workers had to use pen and paper for record keeping.

The French cybersecurity agency is helping to investigate the attacks.

ANSSI said Monday that an attack similar to one used by Russian hackers targeted a software distributed by the French company Centreon, resulting in the breach of “several French entities” from late 2017 to 2020.

“This campaign bears several similarities with previous campaigns attributed to the intrusion set named Sandworm,” ANSSI said in a statement Monday.

Sandworm is a Russian military hacking group that U.S. security officials and cybersecurity experts said interfered in the 2016 presidential election in the United States, stealing and exposing Democratic National Committee emails and breaking into voter registration databases.

The group has also been blamed by the U.S. and U.K. governments for the June 2017 NotPetya cyberattack, which targeted businesses that operate in Ukraine. It caused at least $10 billion in damage globally, most notably to the Danish shipping multinational Maersk.

Be the first to comment

Leave a Reply

Your email address will not be published.