French hospital hit by cyber-attack

The University Hospital Centre (CHU) in Rouen, France was hit by a major cyber attack last week. Reports stated that the attack caused “very long delays in care” and staff were forced to stop using the PC’s and switch to pen and paper.

In May 2017 many parts of the NHS in the UK were also hit by a major attack, which like this one caused many computer based systems to be shut down for days.

The hospital in France issued further details via its Facebook page, and website.

The statement said (Note : This is a translation from French to English so apologies for any errors)

Friday, November 15 around 19 hours, the CHU of Rouen was the subject of a major computer attack, strongly impacting the information system and thus the activity of the establishment.

This attack made access to most business applications inaccessible, but also infected some of the workstations.

The process used consisted of encrypting certain files located on computers and servers.

Immediate actions were carried out by the Information System Department (DSI) to stop the spread of this attack around midnight.

Various operations are carried out by all the professionals of the ISD, with the contribution of an additional on-site expertise of the services of the National Agency for the Security of Information Systems (ANSSI), to gradually put back into service the set of applications of the establishment.

Many services operated in degraded mode and hospital staff were confronted with disruptions, particularly in the computerized treatment of prescriptions, reports or admissions management that had to be done in degraded mode, by telephone or paper transmissions.

Reinstatement of all the applications, in order of priority, allowed a gradual recovery of the activities of the establishment.
At this stage, the Information System is once again enabling patients to be treated under almost normal conditions.
It must be emphasized that the difficulties encountered during this period had no direct impact on the follow-up of our patients.

No leakage of medical or personal data has been found to date by the investigations.

The CHU Rouen has filed a lawsuit against X for fraudulent access to an automated data processing system and attempted extortion at the Paris prosecutor’s office.

Duncan Newell

Duncan is a technology professional with over 20 years experience of working in various IT roles. He has a interest in cyber security, and has a wide range of other skills in radio, electronics and telecommunications.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: