The Simone Veil hospital in Cannes, victim of a cyberattack two weeks ago, saw the LockBit group claim responsibility for it on Tuesday. Hackers threaten to reveal stolen data on 1er may.
Labor Day could turn into a nightmare for staff, managers and patients at Cannes hospital. Affected by a severe cyberattack on April 16, which will also leave traces for many months, the hospital center had to postpone numerous interventions, put in place emergency procedures and must now cope with the countdown launched by the LockBit hacker gang, which definitively marks its return to the forefront of the cybercriminal scene.
The group of pirates, almost left for dead by the authorities following the international law enforcement operation last February, shows that in addition to having never really disappeared, it is still very active, as several cyber experts confirm to us.
With the cyberattack on the Cannes hospital, LockBit proves that it has not disappeared, quite the contrary
While the Cannes hospital licks its wounds, the LockBit group is moving up a gear. The pirates have started a countdown which must end on the 1ster may. We don’t know exactly what kind of information they have. What seems certain is that if they don’t get what they ask for, the gang members will release the stolen data.
After the authorities’ famous Operation Cronos, we quickly affirmed that LockBit had not disappeared. “ Falling down a piece of infrastructure without cutting off the hydra’s heads has never permanently killed a group of attackers », Reacts Pascal Le Digol, France director of WatchGuard. The expert recalls the rebound capabilities of the collective of cybercriminals.
“ LockBit certainly experienced a drop in activity following Operation Cronos, but it accumulated hundreds of millions in revenue. So he has the means, the time and the skills to build a strong infrastructure. The supposed boss of LockBit, LockBit Supp, explained that he had learned a lot from the hacking of his infrastructure by the police. », adds our expert. “ Expecting the complete and definitive dissolution of cybercriminal groups is a very uncertain posture », adds the president and founder of Alcyconie, Stéphanie Ledoux, to emphasize a little more on the resilience demonstrated by pirate collectives.
A big communication coup for LockBit, a few days before the Cannes Film Festival
We will therefore not go so far as to say that LockBit was able to rise from its ashes, like the Phoenix, since the organization has never stopped living. She even quickly became very active again. “ The police operation carried out in February did not put an end to the “Lockbit black” threat, in fact in line with our fears, the infrastructure of this criminal group has been rebuilt and we are currently seeing related alerts attempts to compromise workstations », confirms the director of SoCs (security operations centers) of Nomios, Luis Delabarre.
LockBit seems to retain all the confidence of its affiliates, whom the authorities had also promised to track down. “ If they are still there, it is because the offer is still as attractive as ever and LockBit has demonstrated that its encryption tool is effective, and that the gains are interesting », Tells us Pascal Le Digol.
In short, by “offering” the Croisette hospital as a target and then a victim as the Cannes Film Festival looms, LockBit is buying itself a global window into its “rebirth”, as sad and deplorable as it may be. Pascal Le Digol explains it well, “ this cyberattack ultimately resembles a major communication stunt to restore the image of the group which thus demonstrates that it has survived a global police operation from which it has even emerged grown “.
Patients who run certain risks if their data were to be published
If LockBit carries out its threat to release data, what will happen to patients at Cannes hospital? “ The risk for patients is to see their very sensitive data monetized on the darknet to join the immense quantity of personal data already available, and ultimately to maintain the formidable machine of phishing, targeted phishing and other online scams. », replies the boss of WatchGuard France.
In the meantime, the hospital center has received, in recent days, the support of the Nice University Hospital and Antibes University Hospital teams. He still works closely with the services of ANSSI, the French agency dedicated to cybersecurity, with which technical investigations continue.
Thanks to Aurélien Rouby and the WeTalk agency, who helped us quickly get in touch with the experts.
6