Cannes Hospital Targeted by Cyberattack, Disrupting Operations
On Tuesday morning, the renowned Simone Veil Hospital in Cannes, France (CHC-SV) was hit by a cyberattack, leaving its staff unable to access computer systems and resorting to traditional pen and paper methods.
As one of the leading medical facilities in France, CHC-SV serves the Cannes region with a wide range of medical specialties and a team of 2,100 employees, including 230 doctors. The hospital has a capacity of 869 beds and handles over 150,000 outpatient visits and 50,000 emergency room visits annually. With 9,000 surgeries performed and 1,500 births assisted each year, this attack has had a significant impact on the hospital’s operations.
While CHC-SV has not disclosed many details about the nature of the attack, it has confirmed that it has not received any ransom demands from the cybercriminals responsible. In an effort to mitigate the damage and address the incident, the hospital is working with expert partners such as ANSSI, Cert Santé, Orange CyberDefense, and GHT06.
Despite the disruption caused by the cyberattack, emergency services, including medicine, surgery, obstetrics, geriatrics, pediatrics, psychiatry, home hospitalization, and rehabilitation units, continue to operate. However, all data handling has been shifted to traditional pen and paper methods, and some patients have been redirected to nearby hospitals depending on their individual needs.
Unfortunately, the hospital has had to cancel roughly 30% of non-urgent surgical procedures scheduled for this week, and many non-urgent consultations have been rescheduled for a later date. However, consultations that do not involve the use of computers can still be conducted as usual.
The hospital administration emphasized that CHC-SV has never been targeted by such an attack before, but their previous cyber-exercises have helped contain the damage and reduce its impact. Currently, the top priority for the hospital is to restore access to patient care systems that contain essential information, such as test results and patient records. However, this process may take a significant amount of time, depending on the progress of the technical investigations.
Despite rumors, no major ransomware or extortion groups have taken credit for the attack at CHC-SV as of yet. However, if a threat group were responsible, it would typically include the theft of sensitive patient data, potentially affecting a large number of people in France.
The attack on the Cannes hospital serves as a reminder of the growing threat of cyberattacks on critical medical infrastructure and highlights the importance of investing in cybersecurity measures to prevent such incidents in the future.
Protecting Critical Infrastructure from Cyberthreats
In today’s digital era, healthcare institutions are increasingly reliant on computer systems for their operations, making them highly vulnerable to cyberattacks. These attacks can have severe consequences, ranging from disruption of services to potential data breaches and the theft of sensitive information.
According to a recent study by the World Health Organization, 10-20% of all medical devices used by healthcare institutions are vulnerable to cyberattacks. With the increasing adoption of connected medical devices, this number is only expected to rise in the coming years.
Cybercriminals often target healthcare organizations due to the sensitive information they hold, such as patient records, insurance information, and financial details. They may also demand high ransoms to restore access to critical systems and data, causing significant financial losses and disruptions.
Investing in Strong Cybersecurity Measures
As seen in the case of CHC-SV, investing in regular cyber-exercises and implementing strong cybersecurity measures are crucial for preventing or mitigating the impact of a cyberattack. These measures may include firewalls, intrusion detection systems, data encryption, and regular data backups. Regular training for employees and ensuring they follow secure password practices can also play a vital role in preventing cyber incidents.
The attack on CHC-SV serves as a reminder of the need for healthcare institutions to prioritize cybersecurity and invest in strong defense mechanisms to protect critical infrastructure and patient data from cyberthreats.
Protect your healthcare organization from the growing threat of cybercrime by implementing robust cybersecurity measures and following best practices to prevent data breaches and ensure secure operations.