The French IT Security Agency took the opportunity to give recommendations to hospitals and local authorities in order to protect themselves from future cyberattacks.

The computer security of hospitals and communities “is moving towards improvement”, said Tuesday the new director general of Anssi, Vincent Strubel, during a presentation of an overview of the cyber threat in 2022, where these targets have been heavily affected.

In the second half of the year, hospitals in the Ile-de-France region and departmental and regional councils were the target of ransomware, causing serious operational problems.

“The finding remains unsatisfactory because it is despicable and unacceptable for a hospital to be paralyzed” with, for example, possible delays in admission to the emergency room, replied Vincent Strubel during a press conference by the French Agency for IT security.

But, according to him, the community and health sectors have put in place “prevention procedures” with the help of Anssi and more generally of the State, and “the victims targeted two years ago are more easily taken in today. This is proof that it really works,” he said.

Tips to prevent attacks

Anssi, the French agency responsible for the security of information systems, publishes recommendations on its site for establishments to protect themselves against cyberattacks.

She advises in particular to save your data on a medium not connected to the network, in order to be able to restore them in the event of encryption by a cybercriminal group.

“It’s technique but not only. A hospital director or the head of a community must also prepare mentally to be called in emergency, in the night from Saturday to Sunday, to isolate certain services. Experience shows that, when you react quickly, you limit damage very strongly,” he explained.

The great value of health data

Among the 109 ransomware-related attacks handled by Anssi in 2022, around 25 (23%) concerned local and regional authorities and around ten (10%) healthcare establishments, and “nothing suggests that there is has a specific targeting of health actors”, analyzes Mathieu Feuillet, deputy director of operations at Anssi.

Especially since these public institutions, which obey strict accounting rules, are among the targets least likely to pay the ransoms demanded by cybercriminals.

However, health data, and in particular “treatment monitoring”, can be sold expensively on the black market and cybercriminal groups “scan” many targets to see who pays, notes Vincent Strubel.

Faced with this “opportunistic” threat, the basic precaution for Anssi is to raise its level of security sufficiently to appear less vulnerable than its neighbor.

California18

Welcome to California18, your number one source for Breaking News from the World. We’re dedicated to giving you the very best of News.

Leave a Reply