The Blog

Wave of cyberattacks in hospitals: facilities are unevenly prepared

Cyber news
March 28, 2023

The wave of attacks on hospitals is a reminder that hackers are unscrupulous and determined. Faced with them, IT teams are struggling with resources constrained by budget restrictions. For some, the temptation is strong to reduce protective barriers. They lower their defense capacity by entrusting their security to a single piece of equipment: the firewall. The fact that 100% of attacked sites were equipped with firewalls proves that they are insufficient.

The recent attacks on healthcare establishments are particularly outrageous. The success of these attacks on many of them should make us reflect on the means of defence we have put in place.

Demanding establishments maintain solid protection. But in recent years, some hospitals have significantly lowered their defense levels. Budgetary considerations have led them to eliminate the number of protection barriers, entrusting all their security to a single piece of equipment: the Next Generation firewall. It has become their only bulwark.

The first principle of security, however, is to erect several different barriers against attackers. By using a single technology to combat threats, whatever their origin, this principle is flouted. Firewalls have taken over a growing number of IT security domains, providing the same response for servers, client workstations, Internet access, e-mail, etc. 100% of establishments that have been successfully attacked were equipped with the latest generation firewalls, proving that they were not enough.

Alexandre Souillé, President of Olfeo, the French leader in Web security, explains: "Demanding organizations put up several consecutive ramparts against cybercriminals. On the other hand, over the past few years we've seen a drift away from an 'all firewall' approach. It's quite distressing: who would have the idea of putting the same lock on their door 4 times? 3 separate protection systems of different technologies and brands will be more effective. We need to get back to basics and follow Anssi's recommendations.

Ransomware penetrates the target organization's IS in a particularly vicious way, using several channels including e-mail and the web, before taking over all servers. The combination of firewall, proxy and anti-spam software from different vendors offers the best possible protection. In fact, this is recommendation no. 22 of the Anssi hygiene guide, which should be followed.

What's more, with the concentration of manufacturers, 4 brands of Firewall share the French market. As a result, firewalls have become "mass-market" products, freely available to hackers, who can test their attacks at will, so that they can penetrate this unique barrier.

As a result, healthcare establishments are very unevenly placed to combat this wave of attacks, with some far better prepared than others.

About Olfeo

Olfeo is the French leader in Web security. For over 18 years, Olfeo has been helping demanding companies secure, analyze and optimize their web flows. Thanks to its in-depth knowledge of the needs of French organizations, Olfeo has developed a disruptive web security gateway, based on a global vision, not just a technological one. Olfeo covers functions such as advanced proxies, SSL decryption, web filtering, web antivirus, nomadism, public portals, DNS, cybersecurity training, etc. ... whether SaaS or On-Premise.

Press contact:

Adeline Weugue
4, rue de Ventadour - 75001 Paris
01 84 16 91 58 / 06 38 79 46 96

White paper
Protect your business from ransomware
5 min reading