Ransomware incidents in healthcare facilities up 40% in 2019

[ad_1]

"Ransomware was the main threat in 2019," he said. "The main motivation for the attacks is extortion."

The types of attacks are very diverse, he said. "These range from opportunistic phishing attacks to the purchase of a turnkey attack kit on the Internet or even very large targeted attacks. Depending on the intensity of the attack, the damage can range from a few hundred files encrypted when blocking the entire information system (IS) of the establishment. "

"In the best of cases, the backup has been preserved," he added. "In the worst case, the establishment has no more data and a complete overhaul of the IS is necessary", without counting the financial cost of such an operation.

There has been no "massive information loss" so far.

Spam is most often the source of attacks, as well as the use of a webmail containing a malicious attachment or link. There are many variants of the same virus, and these very slight variations in the code may be enough to bypass the protection of the post, explained Emmanuel Sohier.

The ransom demands range from a few hundred to several hundred thousand euros. "Most of the hospitals don't pay because they have a data backup," he said.

Philippe Loudenot, an information systems security officer (FSSI) from the Ministry of Solidarity and Health, also present at the Cybercamp Santé, recalled that "the key word is not to pay".

"An establishment that paid a first time will have to pay a second, a third … hence the importance of backups," he added.

The ANS has identified 693 incidents declared by health structures since the implementation of the new compulsory reporting system, she told TICsanté in December 2019.

[ad_2]