Paralysed French hospital fights cyber attack as hackers lower ransom demand

Issued on:

A hospital southeast of Paris has been crippled by an ongoing cyberattack, drastically reducing the number of patients who can be admitted and forcing a return to pre-digital workflows. Security experts are trying to retake control of the computer system as ransom negotiations continue.

The GIGN elite tactical force of the French gendarmerie is involved in negotiating with the hackers who targetted the Corbeille-Essonnes hospital 10 days ago.

The attack has blocked access to all medical imaging storage and patient admissions systems.

GIGN negotiators, who usually work on counter-terrorism and hostage release operations, have been communicating with the attackers via the Protonmail secure email service.

According to the Parisien newspaper, they have managed to talk down the ransom from $10 million to $1 million.

France won’t pay

Even if the ransom has been negotiated down, the hospital will not pay.

“Even if they ask for 150,000 euros, we will not pay. That is the rule that has been established,” the president of the board of the hospital, Medhy Zeghouf, told Le Parisien.

But the negotiations buy time for investigators who are trying to locate the attackers and regain access to the data.

The attack appears to be the work of the Lockbit group of Russian-speaking hackers, who have been behind several similar cyber attacks elsewhere in the world, notably in the United States, where private clinics are more likely to pay ransoms than hospitals in France.

Back to analogue

The hospital, meanwhile, continues to function, but at half capacity. Some 500 patients, including 13 children, have been transferred to other institutions.

Those patients left are being treated by doctors forced to communicate with pre-digital tools.

As digital security experts work to create a secure digital bubble around the hospital, staff have been prohibited from plugging in their computers.

Those most affected are the imaging services and the blood work laboratory, which have had to resort to burning data onto DVDs to share information.

And it takes five times as…