After the large-scale computer hacks suffered in recent months by the hospitals of Corbeil-Essonnes and Versailles, the government announced, Wednesday, December 21, the launch of a “extensive preparation program” health facilities to cyberattacks. “The objective is that 100% of the highest priority health establishments have carried out new exercises by May 2023”explain in a joint press release the ministers of the interior, Gérald Darmanin, of health, François Braun, and the minister delegated to digital, Jean-Noël Barrot.
“A digital white plan will be drawn up in the first quarter of 2023 to provide establishments with the reflexes and practices to adopt if a cyber incident occurs”, such as the activation of a crisis unit or the assessment of the damage caused by hackers, adds the press release. This plan should allow “pool the competent resources at the level of each region in conjunction with the regional health agencies”.
A thousand attacks in 2021
A “task force” tasked with building a massive new multi-annual cyber plan by March 2023 has also been created. The Corbeil-Essonnes southern Ile-de-France hospital center in August and the Versailles hospital center in early December were victims of cyberattacks by Lockbit ransomware, which seriously affected their activities and forced them to transfer patients to other hospitals.
In 2021, a thousand ransomware attacks were recorded in France, according to the Ministry of the Interior, and around 260,000 cyber-related legal proceedings were opened – which represents a 20% increase compared to 2020. In attacks against public bodies, the “constant posture” of the State is not to pay ransoms, remind the ministers.