French Hospital Reels Under Cyber Attack, The Latest in a Growing Trend

Paris ( – A cyber attack linked to a ransom demand has paralyzed the workings of a large hospital near Paris, raising concerns among other health establishments in the country where ransomware attacks have surged over the past two years.

The attack on the information network at the Centre Hospitalier Sud-Francilien (CHSF) Hospital began on Sunday. The unidentified perpetrators are demanding $10 million in return for ending the attack and unlocking the system.

The hospital, which has a capacity of 1,000 beds and provided health coverage for the nearly 600,000 inhabitants in the region, is unable to access its computerized data, and staff are using pen and paper to record crucial information. Scheduled surgeries and emergency services are among those affected.

CHSF officials said the system may not return to normal operation for weeks, or even months.

The hospital’s IT team are working with the National Authority for Security and Defense of Information Systems, a government entity, to try to recover information and patient files.


ComCyberGend, a division of the police dealing with cyberspace, is trying to identify the hackers, who could be located anywhere in the world. (The ransom demand was in English. The hospital has not disclosed in what form it was received.)

“The web ignores borders,” ComCyberGend deputy commander Christophe Husson told reporters. “These are investigations which, inevitably, have a certain complexity.”

Cyber defense specialist Damien Bancal told France Info TV the hackers evidently had not chosen their target well, “because no hospital could pay such a ransom and that will never happen in France.”

Although there is no law forbidding a hospital to pay under such circumstances, no health establishment has that kind of money, he said.

Nicolas Arpagian, director of cyber security strategy at Trend Micro Inc, a global cyber security company, agreed that hospitals don’t have the capacity to pay ransoms, but said that they, like other entities, are open to attack “because they are digitized and interconnected.”

He told France Info there was a risk that a hacker could sell patient or staff data and health records, especially via the so-called dark net.

As an example, Arpagian said pharmaceutical laboratories – presumably unwittingly – could pay up to $300 for a medical record, to help in their research.

Pascal Le Digol, a cyber security expert at Watchguard Technologies, said in a typical case hackers send a fraudulent link, which activates a virus that “paralyzes the computer system.”

“Money obtained from [cyber] piracy today exceeds that coming from drug trafficking,” he said.

Gérald Patterson, a cloud solutions architect expert who works with banks and large companies to secure their IT systems, said in an interview that security is crucial nowadays.

“You have to put in place monitoring, automated incident response, and do pen testing to validate the whole security.”

“Pen testing” – penetration testing or ethical hacking – is when experts simulate a cyber attack to evaluate the security of a computer system, he explained.

“Preparation is key, you have to be prepared.”

This is not the first time a hospital in France has been targeted in this way, especially in recent years. In 2021, one incident occurred per week on average in a health establishment in France, according to official data.

The French digital health agency says the 380 cyber attacks recorded in 2021 marked an increase of 70 percent from 2020. Five of the 2021 incidents had endangered the lives of patients.

In one case last year affecting a non-medical target, hackers attacked the system of a the municipal government of Douai, a town in northern France. Mayor Frédéric Chéreau said when employees arrived at work on morning in April, “all the screens were black or showed a completely encrypted text, a bit like a screen from the movie The Matrix.”

The mayor chose not to pay a ransom – the amount demanded was not made public – and the system was eventually restored with the help of the National Authority for Security and Defense of Information Systems.


Some media, including videos, may only be available to view at the original.  

Similar Posts