Another hospital in Europe falls victim to a cyberattack. This time with a US$10m ransom

A hospital southeast of Paris has been the victim of an ongoing cyber attack since the weekend, disrupting emergency services and surgeries.
24 August 2022

Photo taken on 20 September 2011 of the Centre Hospitalier Sud-Francilien (CHSF), a hospital located in Corbeil-Essonnes. Staff at the Centre Hospitalier Sud-Francilien (CHSF) in Essonne began an open-ended strike on 21 September 2011 to protest announced cost-cutting measures and to demand an exit from the public-private partnership under which the institution's single site was built. AFP PHOTO / JOEL SAGET (Photo by Joël SAGET / AFP)

  • Hackers demanded a ransom of US$10 million to call off the cyberattack on the CHSF Hospital Centre, southeast of the French capital.
  • The healthcare industry has been the main target of bad actors, especially this year, with multiple cyberattacks reported across Europe.
  • Sophos’ recent report highlighted that 66% of healthcare organizations were hit by ransomware last year, up from 34% in 2020 — a 94% increase over the course of a year.

When it comes to cyberattacks, healthcare organizations around the world have been constantly targeted by hackers in recent years, and Covid-19 has aggravated the situation. Even in a region like Europe, attacks against hospitals, where even minutes of downtime can have deadly consequences, have become ominously frequent. The most recent cyberattack occurred in a hospital southeast of Paris. The hackers have demanded a US$10 million ransom to unblock the system.

The IT system at the hospital center in Corbeil-Essonnes has been virtually paralysed by a cyberattack since the weekend. Since then, non-critical services have had to be directed elsewhere, and staff have been working with limited resources. “Each day we need to rewrite patients’ medications, all the prescriptions, the discharge prescriptions,” said Valerie Caudwell, the president of the medical commission of the CHSF hospital. “For the nurses, instead of putting in all the patients’ data on the computer, they now need to file it manually from scratch.”

The hospital’s director, Gilles Calmes, has decided not to cave in to the ransom demand. “You know the hospital would not pay, has not paid and will not pay this type of ransom.” Reports claim that the prosecutor’s office is investigating the issue, and that the investigation is spearheaded by the gendarmerie’s Center for Combating Digital Crime (C3N) division.

Why a cyberattack on healthcare institutions is not surprising anymore

For context, cyberattacks targeting hospitals in France in particular have been rising too, with 380 cases reported last year, a 70% rise from 2020. According to the recent State of Ransomware in Healthcare 2022 report by Sophos, ransomware attacks on healthcare almost doubled: 66% of healthcare organizations surveyed were hit by ransomware in 2021, up from 34% in 2020. “This is a 94% increase over the course of a year, demonstrating that adversaries have become considerably more capable at executing the most significant attacks at scale,” Sophos stated.

Sophos also attributed the rise to the growing success of the ransomware-as-a-service model, which significantly extends the reach of ransomware by reducing the skill level required to create and deploy an attack. The annual study was based on 5,600 IT professionals, including 381 in healthcare, from 31 countries. The study found that the healthcare sector is the most likely to pay the ransom, with 61% of organizations paying to get encrypted data back, compared with the global average of 46%.

The upside, however, is that healthcare pays the least in ransom: US$197,000 paid by healthcare in 2021, compared with the global average of US$812,000, the Sophos study shows. Yet paying the ransom doesn’t guarantee the recovery of all encrypted data. “Less data is recovered after paying the ransom – healthcare organizations that paid the ransom got back only 65% of their data in 2021, down from 69% in 2020; furthermore, only 2% of those that paid the ransom in 2021 got ALL their data back, down from 8% in 2020,” the report explains.