The French Cyber Security Agency took the opportunity to provide recommendations to hospitals and local authorities in order to protect themselves from future cyber attacks.
The cybersecurity of hospitals and communities “is moving towards improvement,” said the new director general of ANSI, Vincent Strubel, during a presentation on Tuesday of an overview of the cyber threat in 2022, where these targets have been heavily affected.
In the second half of the year, hospitals in the Ile-de-France region and departmental and regional councils were targeted by ransomware, causing serious operational problems.
“The finding remains unsatisfactory because it is despicable and unacceptable for a hospital to be paralyzed” with, for example, possible delays in admission to the emergency room, Vincent Strubel replied during a press conference by the French Cyber Security Agency.
But, according to him, the community and health have implemented “prevention procedures” with the help of the ANSI and more generally of the state, and “the victims targeted two years ago are now more easily accepted. This is the proof that it really works,” he said.
Tips for preventing attacks
Anssi, the French agency responsible for the security of information systems, publishes recommendations on its website for establishments to protect themselves from cyber attacks.
In particular, he recommends saving your data on a medium that is not connected to the network, so that you can restore it in the event of encryption by a group of cybercriminals.
«It’s technical but not only. A hospital director or the head of a community must also prepare mentally to be called in an emergency, during the night from Saturday to Sunday, to isolate certain services. Experience teaches that, when you react quickly, you limit the damage very strongly,” he explained.
The great value of health data
Of the 109 ransomware attacks managed by Anssi in 2022, around 25 (23%) involved local and regional authorities and a dozen (10%) healthcare facilities, and “nothing suggests that there is a specific target of healthcare professionals”, analyzes Mathieu Feuillet, Deputy Operations Director of Anssi.
Especially since these public entities, which obey strict accounting rules, are among the least likely targets to pay the ransoms demanded by cybercriminals.
However, health data, and especially “treatment monitoring,” can be sold at a high price on the black market, and cybercriminal groups “screen” many targets to see who pays, notes Vincent Strubel.
In the face of this “opportunistic” threat, the key precaution for Anssi is to raise its security level just enough to appear less vulnerable than its neighbor.