Cyber Threat Intelligence: Citalid has released a report on the state of cyber threats targeting health facilities in France.


Cyber threats targeting health facilities in France

Back to all articles

The following text is an abstract. Download the e-book here to access full version.

At Citalid, our approach to quantifying cyber risk includes a dynamic and contextualized analysis of the threat. Our CTI team, made of geopolitical experts and cyber threat analysts, published a study based on recent data and qualified incidents to present the challenges facing healthcare establishments. Citalid has joined forces with Relyens, a company dedicated to specifically support healthcare professionals, to complete this study and measure the impact of these cyberattacks.

Hospitals: a prime target for ransomware and distributed denial-of-service (DDoS) attacks

French healthcare facilities have become a prime target for cybercriminal organisations. Beyond the lucrative aspect of reselling healthcare data on the darkweb, the shutdown of hospitals and the disorganisation of care management are followed by a series of consequences that can affect the mental health of all those involved in a cyber crisis, first and foremost the teams responsible for information systems (CISOs).

Digital transformation, the growing interconnection of hospital information systems (HIS) and the increasing use of connected IT equipment in care and management processes have considerably increased the vulnerabilities of healthcare establishments.

This situation exposes them to sophisticated attacks with increasingly damaging consequences from cybercriminals motivated by the value of healthcare data.

Between January 2022 and May 2023, several cyberattacks were publicly recorded and analysed by Citalid’s CTI team, including:

  • 14 ransomware attacks by 3 malicious actors (LockBit, Vice Society and Industrial Spy),
  • 16 distributed denial of service (DDoS) attacks by the Anonymous Sudan group against hospital websites, with no impact on healthcare provision,
  • 13 cases of compromise or attempted compromise of an HIS of unknown or prevented nature.

“Centre Hospitalier de Corbeil-Essonnes”, was targeted by malicious actor LockBit in August 2022 and publicly estimated its losses at at least 7 million euros. This would be without counting the direct and indirect losses that also occured following the attack: loss of revenue, crisis management costs, data restoration, etc.

Information systems interconnection & IT/OT convergence: prime characteristics for cybercriminals

Citalid’s study highlights two major weaknesses in French healthcare facilities.

On one hand, the interconnection of HISs with other information systems such as social securitý organisations, data warehouses, personal health data hosts or other services (e.g. GHTs or GCSs) can encourage rebound attacks with systemic consequences.
Secondly, the digitalisation of healthcare facilities is not limited to IT. In fact, Operational Technology (OT) takes many forms in hospitals: building OT (controlling fluids and refrigeration to keep operating theatres in good condition, for example), medical OT (medical imaging or biological analysis equipment, etc.), and IoMT, the Internet of Medical Objects (surveillance monitors, medication management devices, etc.).

“Our mission is to make cyber risk less anxiety-provoking and more understandable to everyone. By making public the work carried out by our CTI team, we aim to open up this knowledge to all market players. We are proud to have been able to join forces with Relyens, which has extensive expertise in the financial impact of attacks on healthcare facilities, and with whom we share common values of general interest and building a world of trust,” says Maxime Cartan, Chairman and co-founder of Citalid.

“Cyber risk is characterized by a strong presence of malicious actors, which requires us (prevention professionals) to be concerned. Citalid, an expert in risk quantification, has a detailed knowledge of the threat, a unique Cyber Threat Intelligence analysis capability and unprecedented scenario simulation power. The Relyens & Citalid partnership is an innovation that contributes to a better understanding of cyber risk in healthcare and enables the entire healthcare ecosystem to protect itself against it,” comments Pierre-Yves Antier, Director of Strategy, Innovation and Transformation at Relyens.

Find the full article in the complete e-book below by clicking on the Download e-book button.

French version ->

Get insights on
cyber risks and threats within the healthcare sector.

Cyber Threats - CTI


Related Content