Response to the André-Mignot ransomware attack

The CHU André-Mignot, in the Paris suburbs, had to shut down its telephone and computer systems due to a ransomware attack that occurred on Saturday evening.

According to Richard Delepierre, the co-chairman of the hospital’s supervisory board, the attackers behind this ransomware incident have already demanded a ransom.

“A ransom, the amount of which I do not know, has been demanded but we do not intend to pay it,” Delepierre said in a statement. RFI report.

Currently, the hospital is only accepting walk-ins and consultations as it had to partially cancel operations. It was also forced to transfer six patients from its neonatology and intensive care units to other health facilities, according to French Minister of Health and Prevention François Braun.

“Taking hostage the health of the French is inadmissible. I was this evening with @jnbarrot with the teams of the André-Mignot hospital, victim of a cyberattack”, declared Braun said on Sunday.

“All our means are deployed alongside the professionals mobilized to ensure the care of patients.”

The Ile-de-France Regional Health Agency (ARS) informed patients with consultations already scheduled or interventions planned (eg surgery, chemotherapy, radiotherapy) to contact their doctor or the department assigned to them, who will redirect them to an available treatment unit.

Jean-Noël Barrot, Minister Delegate for the Digital Transition and Telecommunications, said the hospital immediately isolated the infected systems to limit the spread of the malware to other devices and alerted the National Authority for Security and Defense of Information Systems (ANSSI).

The cyberattack is now the subject of an investigation by ANSSI and the Paris prosecutor’s office, which has also opened a preliminary investigation for hacking of state data and attempted extortion after the André-Mignot hospital filed a complaint on Sunday.

“To date, no other health establishment in the region has been impacted by this cyberattack on which investigations are continuing by the National Authority for Security and Defense of Information Systems (ANSSI)”, added the ‘ARS.

While the ransomware operation behind the André-Mignot Hospital attack remains unknown, several gangs are known to target healthcare organizations.

US federal authorities have previously warned against deploying threat actors maui and Zeppelin ransomware payloads in attacks against healthcare and public health (HPH) organizations.

Another joint advisory warned in October that a cybercrime group known as Daixin Team was targeting the HPS sector in ongoing ransomware attacks.

In November, the US Department of Health and Human Services (HHS) also alerted health organizations nationwide that they were targeted by Venus ransomware attacks known to have caused dozens of victims worldwide since mid-August 2022.

The FBI says the notorious Hive ransomware gang has also attacks health facilities and estimated that the group had collected around $100 million from its victims since June 2021.


Source link