On February 8th, the Center Hospitalier de Dax-Côte d’Argent in France suffered a ransomware attack that locked hospital staff out of computers and phones, and forced the COVID-19 vaccination clinic to shut down completely. The Egregor ransomware strain is believed to have been used in the attack and caused issues for multiple systems including the telephone switchboard and the radiation therapy department. Reports have indicated that fixing all the issues the attack has caused will likely take multiple weeks. This is a cause for concern since patient care systems were affected by the attack, and less than a year ago, one fatality was indirectly a result of a ransomware attack in Germany. The only good news is an arrest of Egregor affiliates took place on the same day as the attack against the hospital, which will hopefully slow their operations down.
Analyst Notes
Targeted ransomware attacks on hospitals and other organizations will likely continue as long as criminal operators of ransomware schemes believe they will receive payments. Organizations can take extra steps to protect themselves from ransomware by making sure patches are up to date, files are regularly backed up, and proper anti-virus and end-point detection measures are in place. At Binary Defense, skilled analysts are working around the clock in our Security Operations Center (SOC) to monitor endpoints for suspicious activity and stop attacks before they get started.
Sources: https://portswigger.net/daily-swig/dax-cote-dargent-hospital-in-france-hit-by-ransomware-attack
ZDNet French Language article: https://www.zdnet.fr/actualites/hopital-de-dax-totalement-bloque-twitter-ultime-recours-face-au-ransomware-39917771.htm