LockBit cybercriminals keep Corbeil-Essonne hospital under pressure

LockBit cybercriminals keep Corbeil Essonne hospital under pressure

The group of cybercriminals Lockbit, a collective of hackers supposedly from Russia, claimed responsibility for the cyberattack which completely paralyzed the Corbeil-Essonnes hospital center in the Paris region last August. Despite negotiations initiated by the cyberpolice, the criminals maintain their ransom demand.

The attack was carried out using “ransomware”, i.e. malicious programs capable of taking control of computers and blocking them. All of the public institution’s business software, from patient appointment management systems to medical imagery storage servers, found themselves suddenly inaccessible.

Since that day, the emergency, pediatric and gynecological services of the Corbeil-Essonnes hospital, which has a thousand beds, have been operating in degraded mode and patients requiring rapid care are always redirected to other establishments in the region. .

Double extortion

The hackers who originally demanded $10 million to free the blocked systems are also blackmailing the data they stole. Exfiltrated information that includes patient medical records, hospital personnel files and a multitude of confidential data such as telephone contacts, bank accounts, email addresses, not to mention the Social Security numbers of the thousands of people who visited the hospital. ‘Public establishment.

In all, a million pieces of personal data end up in the clutches of cybercriminals specializing in data racketeering. This collective of pirates is called LockBit, revealed to us, at the end of August, Damien Bancal, the founder of the Zataz site. And since this Monday, September 12, “ the bad guys start spreading the stolen files “, to accelerate the payment of the ransom, tells us the French expert in cybercrime. ” I contacted the affiliates of the LockBit group at the end of August through their various communication channels on the DarkNet and they were very clear. At the question “Did you attack this hospital center?” They gave me the unequivocal answer “Yes, that’s us!” What you have to understand with this group of hackers is that their method of racketeering is always the same. They first demand a sizeable ransom. Initially, 10 million euros and then they negotiate their prices. Currently, they are offering a million dollars to erase the data they copied but at the same time, they are also asking for a million dollars to return the stolen files to the hospital if the establishment wishes to reinstall them..

Lockbit since the attack on Corbeil-Essonnes hospital has claimed 84 other victims. For them, data racketeering is a business like any other and as they say themselves, using a quote from the film The GodfatherNothing personal in our attacks, just business “.

A growing threat

According to the press release posted online by LockBit, the Corbeil-Essonnes hospital is ” a company with an annual revenue of 650 million euros “. For these hackers, whether their victims are public establishments or private companies, it’s all the same. Their indiscriminate attacks are intensifying.

In the day of September 14 alone, cybercriminals have already sent around fifteen ransom demands to several establishments, including insurance companies, but also to several town halls in France and public services managed by local authorities whose systems are now completely blocked today.

► To read also: Cyberattack at the Corbeil-Essonnes hospital: “Negotiating with pirates is unthinkable”

rf-5-general