PARIS HOSPTIAL RANSOMWARE ATTACK – THE AGONY CONTINUES
If we ever thought the cyber-crimes are about stealing your data, gaining illegal access to your systems, making systems crash, wipe out data or at times stopping your access to computer systems, you may be off the mark. The use cases as wide and varied as our imagination and is being played out in different parts of the world. Bringing cyber and physical together has increased its potency, threat surface and impact, which at times can be extremely physically debilitating. It can lead to bringing down business credibility and put you into in total disarray. It can be any business, even the trade of medical care.
It is a no holds barred cyber security scenario. The hackers know the game and rest are victims so to say. They say getting hacked is the new normal. Now it has become new type of evil, when used against hospitals and disrupting important medical systems. According to Bleeping Computer and the director, an attack is disrupting the Canter Hospitalise Sud Francilien in France. The CHSF hospital, located 28 kms south of Paris, is forced to turn patients away and postpone surgeries due to ransomware. Locked down systems have forced the hospital to literally be out of its business. As stated a few days back, the cyber criminals are demanding $10 million ransom to release French Hospital. The hospital director had stated earlier that the hospital would not be paying ransom.
Unfortunately, attacks of this nature have been happening of late. Earlier this year the Costa Rican healthcare system was held hostage by crypto hacker. CHSF, a 1000 bed hospital was attacked on last Sunday has not been to regain control of its systems. Not only the hospital’s software system is impacted but also the patient’s admission and storage, which also includes medical imaging. While patients are still being assessed but many require transfers to other medical centres to get the required treatment. The attack on the network has made nearly everything inaccessible.
As per Le Monde, the $100 million is being demanded to release a decryption key to free the hospital’s systems. Even for a hacker extracting money out of business of healthcare is the just the lowest move. The culprit remains unknown but the needle of suspicion is moving towards LockBit 3.5 ransomware gang. But Lock Bit has always claimed that in their system attack on hospitals are not allowed. This makes the puzzle even more complex. If we don’t devise ways and means to deal with ransomware attackers, we would slowly control over variety of critical sectors.
HOW DO WE CREATE RESILIENCE IN OUR CIRITICAL INFORMATION SYSTEMS?