CHSF Hospital Hack: What Happened, Our Analysis and Thoughts

CloudMosa, Inc.
Published in CloudMosa · 3 min read · Oct 14, 2022

Intro

It comes as no surprise that, over recent years, hackers have begun targeting users who primarily work from home or remotely. However, they aren't the only ones in the target range. Financial, energy, and medical institutions have all now become potential ransom victims as hacking groups and their abilities improve. Governments around the world have been warning hospitals to bolster their security and defense capabilities against potential attacks. Such events already occurred in parts of France earlier in the year and back in 2021. The most recent one, which we will focus on here, is the Centre Hospitalier Sud Francilien (CHSF) hack in Corbeil-Essonnes.

What Happened

A security breach allowed a ransomware attack to wreak havoc within the CHSF hospital network, leaving digital storage systems, software for internal use, IT, medical equipment, and more completely inaccessible. The hackers are asking for a USD 10 million ransom to stop the attack, which the hospital has so far refused to pay. According to the hospital, a crisis unit has been dispatched with orders to find the source of the attack and report on the condition of the network. As a result, a “White Plan” was initiated in hopes of maintaining basic care services, which many have stated includes “going back to pen and paper”. Patients who need MRI or other medical imaging equipment, or ER care, have been transferred to other hospitals in the meantime.

Analysis

First and foremost, a stronger security infrastructure and plan would most likely have reduced the risk of a breach. Although using the newest antivirus software and keeping it updated has worked in the traditional sense, we live in a very different world of cyberattacks now. The efforts necessary to combat this new era of hackers can range anywhere from stronger network security protocols to a zero-trust approach for each member who logs into the network. Ransomware enters a network through a breach or hole in security, such as a user opening a document that contains malware. The effects can be immediate, or the intrusion can lie dormant until it is activated at the right time. Either way, it involves files being accessed and downloaded to local systems and within the network, which presents a high level of risk. CHSF has stated that “…Our health professionals are currently working without the help of IT, which generates much longer than average waiting times.” Remedying the issue described in this quote is a good starting point for how things can be improved. For the safety of the hospital and its patients, health professionals must work with an IT department, preferably an internal one, to construct proper security setups and proactive measures against these sorts of attacks.

How Puffin Can Help

Puffin has two services that can help reduce the risk of such incidents to your business. The first is Puffin Secure Browser: with data first channeled through our cloud systems, any malicious content within a file or website is filtered out before reaching the user. And because downloaded items are not on your local device, opening a file that executes commands which encrypt files or spread to other parts of your internal network is no longer possible. Our second offering is Puffin Enterprise Access, a zero-trust approach for each user or guest that enters the network. Even with proper credentials, it is unknown whether an account has been compromised or whether an insider is plotting to leak information. Regardless of the situation, our dashboard and configurations are all fully customizable to the needs of your business. Should you wish to learn more, contact us for more details.
