France to boost cyberdefense after hospital malware attacks

French President Emmanuel Macron has unveiled a plan to better arm public facilities and private companies against cybercriminals following ransomware attacks at two hospitals this month

The attacks at the hospitals in Dax and Villefranche-sur-Saone prompted the transfer of some patients to other facilities as the French health care system is under pressure from the coronavirus pandemic.

Macron discussed the attacks with officials and workers from both hospitals, saying the incident “shows how the threat is very serious, sometimes vital."

“We are learning about these new attacks, some coming from states as part of new conflicts between nations, others coming from mafias,” the French leader said during a videoconference. Some attacks have “criminal” or “lucrative” motives, others are used to “destabilize” countries, he added.

Macron referred to a massive hack of U.S. federal agencies last year and to the stealing of vaccine documents from the European Medicine Agency in November.

Macron’s office said the government will earmark about 500 million euros ($603 million) to help boost cyberdefense systems in the public and private sector.

The National Cybersecurity Agency of France (ANSSI) reported that ransomware attacks surged 255% in 2020 compared to the previous year. All sectors and geographical areas of the country were included, but the increase particularly concerns the health care sector, the education system, local authorities and digital service providers, ANSSI said.

During ransomware attacks, cybercriminals infect computer networks with malware that scrambles data until victims pay a ransom.

The hospital in Villefranche-sur-Saone, located north of the city of Lyon, said its phone system went down during a cyberattack on Monday that forced a preemptive shutoff of the internet service and other networks to keep the ransomware from spreading.

The hospital also had to postpone surgeries planned for the following day. but said patient safety was preserved.

The Dax hospital in southwestern France reported a similar attack last week. Without phones and computers working, health care workers had to use pen and paper for record keeping.

The French cybersecurity agency is helping to investigate the attacks.

ANSSI said Monday that an attack similar to one used by Russian hackers targeted software distributed by the French company Centreon, resulting in the breach of “several French entities" from late 2017 to 2020.

"This campaign bears several similarities with previous campaigns attributed to the intrusion set named Sandworm," ANSSI said in a statement Monday.

Sandworm is a Russian military hacking group t hat U.S. officials and cybersecurity researchers blame for the most damaging cyberattacks to date, including the June 2017 NotPetya attack that targeted businesses that operate in Ukraine. It caused at least $10 billion in damage globally, most notably to the Danish shipping multinational Maersk.

Top Stories

Top Stories

Top Stories

Top Stories

ABC News Live

ABC News Live

24/7 coverage of breaking news and live events