LockBit cybercriminals keep Corbeil-Essonne hospital under pressure
The virus encrypts computer data in order to demand a ransom.
REUTERS/Kacper Pempel
Text by: Dominique Desaunay Follow
3 mins
The group of cybercriminals Lockbit, a collective of hackers supposedly from Russia, claimed responsibility for the cyberattack which completely paralyzed the Corbeil-Essonnes hospital center in the Paris region last August.
Despite negotiations initiated by the cyberpolice, the criminals maintain their ransom demand.
Advertising
Read more
The attack was carried out using "ransomware", i.e. malicious programs capable of taking control of computers and blocking them.
All of the public establishment's business software, from patient appointment management systems to medical imagery storage servers, found themselves suddenly inaccessible.
Since that day, the emergency, pediatric and gynecological services of the Corbeil-Essonnes hospital, which has a thousand beds, have been operating in degraded mode and patients requiring rapid care are always redirected to other establishments in the region. .
Double extortion
The hackers who originally demanded $10 million to free the blocked systems are also blackmailing the data they stole.
Exfiltrated information that includes patient medical records, hospital personnel files and a multitude of confidential data such as telephone contacts, bank accounts, email addresses, not to mention the Social Security numbers of the thousands of people who visited the hospital. 'Public establishment.
In all, a million pieces of personal data end up in the clutches of cybercriminals specializing in data racketeering.
This collective of pirates is called LockBit, revealed to us, at the end of August, Damien Bancal, the founder of the Zataz site.
And since this Monday, September 12, “
the malicious ones begin to distribute the stolen files
”, to accelerate the payment of the ransom, specifies us the French expert in cybercrime.
“
I contacted the LockBit group affiliates at the end of August through their various communication channels on the DarkNet and they were very clear.
To the question
"did you attack this hospital center?"
They gave me the unequivocal answer
: "Yes, that's us!"
What you have to understand with this group of hackers is that their method of racketeering is always the same.
They first demand a sizeable ransom.
Initially, 10 million euros and then they negotiate their prices.
Currently, they are offering a million dollars to erase the data they copied, but at the same time they are also asking for a million dollars to return the stolen files to the hospital if the establishment wishes to reinstall them
.
Lockbit since the attack on Corbeil-Essonnes hospital has claimed 84 other victims.
For them, data racketeering is a business like any other and as they say themselves, using a quote from the movie
The Godfather
“
Nothing personal in our attacks, just business
”.
A growing threat
According to the press release posted online by LockBit, the Corbeil-Essonnes hospital is “
a company with an annual income of 650 million euros
”.
For these hackers, whether their victims are public establishments or private companies, it's all the same.
Their indiscriminate attacks are intensifying.
In the day of September 14 alone, cybercriminals have already sent around fifteen ransom demands to several establishments, including insurance companies, but also to several town halls in France and public services managed by local authorities whose systems are now completely blocked today.
► To read also:
Cyberattack at the Corbeil-Essonnes hospital: "Negotiating with pirates is unthinkable"
Newsletter
Receive all the international news directly in your mailbox
I subscribe
Follow all the international news by downloading the RFI application
France
Technologies
Piracy
Health and medicine
Cybercriminality
our selection