According to a report of the Information Systems Security Incident Reporting Observatory for the healthcare sector, CERT Santé, which provides support to healthcare establishments when they experience a security incident, had to deal with 733 declarations of incidents in 2021. This number corresponds to an increase of almost 100% compared to 2019 (392) and 2020 (369).
An upsurge in cyberattacks in healthcare organizations in 2021
These 733 security incidents were reported by 582 healthcare establishments using a dedicated reporting portal. Here too, this is more than double the number of structures having declared at least one incident in 2020. Among these establishments, 189 of them asked to be accompanied by CERT Santé to improve the safety of their infrastructure or their IT tools.
Bored Ape Yacht Club: the famous collection of hacked NFTs
While CERT Santé intervened in most of these incidents, the National Information Systems Security Agency (ANSSI) and France Sûreté Sécurité Incendie (FSSI) intervened for the benefit of 37 health structures.
More and more hospitals and healthcare organizations are facing a large number of computer attacks. In February 2021, the Villefranche-sur-Saône hospital suffered ransomware which forced the establishment to postpone its surgeries. While there were no patient health incidents that day, this was not the case in Germany where a woman died in a ransomware attack at the University Hospital of Dusseldorf.
Why did the number of attacks double in 2021?
According to the report, the increase in security incidents in 2021 compared to previous years is explained by the more pronounced use of service providers (hosters) by healthcare organizations. Their market share being more significant, when these service providers are affected by a cyberattack, their customers are almost as affected.
It is important to note that these incidents are not necessarily of malicious origin: only 52% are. Among the security problems encountered having no malicious origin, we find in particular the breakdowns of hosts, but also the loss of the telecom link, which impacts the functioning of the business activities of the health structures. On the contrary, the number of declarations linked to an application bug is the same in comparison to 2020.
Regarding incidents of a malicious nature, the report specifies that the year 2021 was marked by a large number of thefts of credentials of email accounts and remote access accounts (via phishing, by exploiting certain vulnerabilities on non-updated equipment or by testing a large number of passwords to find the one corresponding to an identifier). The AP-HP notably paid the price in September 2021, victim of a massive theft of medical data.