Home Cyber Crime Dax-Côte d’Argent hospital in France hit by ransomware attack

Dax-Côte d’Argent hospital in France hit by ransomware attack


Adam Bannister

15 February 2021 at 14:05 UTC

Up to date: 15 February 2021 at 14:08 UTC

Egregor ransomware gang concerned, based on stories

Dax-Cote d'Argent hospital in France hit by ransomware attack

A hospital in southwest France is scrambling to get better from a ransomware assault that has triggered vital operational disruption.

In a tweet posted on February 11, the Middle Hospitalier de Dax-Côte d’Argent revealed that it had fallen prey to a cyber-attack and was attempting to revive programs that included the phone switchboard.


Cybersecurity vendor Avast mentioned that affected person care had been impaired in a French-language blog post (Avast verified an English translation for The Every day Swig).

Telephone traces on the healthcare facility had been partially restored, it added, however encrypted knowledge remained inaccessible as of February 12.

The assault occurred on February 8 and continued into February 9, based on a report in French day by day Sud Ouest.

In a press convention held on February 11, the publication continued, senior hospital officers mentioned employees had been resorting to pen and paper, and that radiotherapy care was among the many most severely disrupted departments.

Catch up on the latest healthcare security news

Officers on the hospital, which has six websites and round 1,000 beds, had been quoted as saying that restoration of regular operations could possibly be a number of weeks away.

The Every day Swig has contacted the hospital for an replace on its restoration efforts. We are going to replace the article if we hear again.

Luis Corrons, a safety evangelist at Avast, has urged different hospitals to promptly deploy emergency patches for vital software program vulnerabilities, practice employees in “digital hygiene” greatest practices, “usually again up information”, and “droop all providers straight obtainable from the web”.

He additionally advised The Every day Swig that “IT admins ought to think about strict whitelisting relating to executable information, in order that solely identified and trusted functions may be run on hospital computer systems.”

Egregor implicated

France Inter has reported that the attackers used the Egregor ransomware, which was first detected within the wild in September 2020 and is notable for mounting so-called ‘double-tap assaults’ that exfiltrate in addition to encrypt information.

Different current Egregor victims have included US retail big Kmart, the Scottish Environmental Protection Agency, and Translink, the general public transport system of Vancouver in Canada.

Nevertheless, the group’s means to hold out additional assaults has apparently been dented after a number of Egregor associates had been arrested in Ukraine final week as a part of a joint operation between French and Ukrainian legislation enforcement – a narrative additionally damaged by France Inter.

DON’T FORGET TO READ Florida Healthy Kids blames health insurance data breach on third-party hack

IT Wire has right now noted that Egregor’s web and darkish web pages are at present down.

France 3 has reported {that a} hospital group comprising 11 websites in Dordogne, additionally in southwest France, had efficiently thwarted a ransomware assault after an IT provider detected Cryptolocker malware on its servers.

“Proper now, hospitals usually tend to fall sufferer to a ransomware assault as a result of cybercriminals could make some huge cash from focused ransomware campaigns,” mentioned Luis Corrons.

“Additionally, the introduction of cyber insurance coverage to deal with ransoms is unfortunately fueling this development.”

RECOMMENDED Telegram for macOS failed to self-destruct messages on local devices

Source link