As many as 27 cyber attacks have hit French hospitals in 2020, confirmed the secretary of state for digital transition and communications, Cédric O, who stressed that the whole of French society and economy lives under this threat.
"There were 27 major attacks against hospitals in 2020. There has been one per week since 2021," he recently told the Senate.
The secretary of state was questioned in the Upper House following a recent ransomware cyberattack that paralysed almost all information systems at the Dax hospital centre, located in southwestern France, on the night of 8-9 February. In this type of attack, hackers hack into the system and encrypt its files to render them non-functional, then demand a ransom to unlock them.
In his appearance before the Senate, Cédric O, wanted to highlight "two recent successes", referring to the dismantling of the Emotet malware at the end of January and the arrest last week of hackers suspected of being linked to the Egregor ransomware, thanks to cooperation between the European Union and the United States.
In any case, the French government is already preparing to announce new measures on Thursday in the face of the threat of further cyberattacks also on businesses and public institutions.
Emotet was used in France to target certain services of the Ministry of Justice, magistrates and lawyers in Paris in September last year, and is considered one of the largest ransomware infection vectors. Egregor, meanwhile, had been used in the attack that hit the Ouest France newspaper at the end of November.
The National Security Agency for Information Systems (ANSSI) said earlier this month that "attacks on hospitals show that a ransomware attack can have real-world consequences for patients, putting their lives at risk.
French authorities will allocate an additional €1.039 billion to strengthen the fight against cyber-attacks. It will be detailed this Thursday by the president, Emmanuel Macron, following his meeting by videoconference with the teams of the two hospitals that have been recent victims, the aforementioned hospital in Dax, and the one in Villefranche-sur-Saône, the latter located in the west of the country.
Of the 1.039 billion, the state will provide 720 million, while the remaining 319 million will be private investment. According to the Elysée, the strategy adopted is based on anticipating and understanding attacks and helping those affected, while also reducing the weight of foreign entities in cybersecurity, which currently represents between 30 and 40 per cent.
Several actors are involved in this fight, including the Ministry of the Interior, the Ministry of Justice and the Ministry of Economy, as well as the police and their counterparts in other countries, as international cooperation is necessary to put an end to this type of threat.
The cybersecurity sector in France represents 37,000 jobs and has been growing steadily in recent years, with turnover increasing by 10% in the last five years.
They plan to increase turnover to 25 billion in 2025 compared to 7.3 billion in 2019, double the number of jobs and above all ensure that France is globally competitive in this sector.
The French authorities even want to build a campus in the Parisian financial district of La Défense, planned for the second half of 2021 and intended for students and private and public sector players, in order to create an "ecosystem" dedicated to this fight.
But they also recall that all entities have an obligation to protect personal data, and that failure to do so in the right way could result in a sanction.