November 29, 2019 by Antoine
While the investigation seemed to be at the point of death, new elements tend to provide the identity of the perpetrators of the cyber attack that has targeted the CHU of Rouen the 16th of November last.
The authors of the ransom software
Since the large-scale attack that hit the CHU of Rouen, the engineers of the ANSSI (national agency of security of computational systems) have tried to trace the track of the cyber-criminal to the origin of the incident.
According to the experts commissioned by the ANSSI, the software of the ransom referred to as “Clop” would have served to paralyze the computer system of the hospital. Out, this hack tool would have been widely deployed by the group of Russian hackers YOUR 505 since mid-November.
“Clop is a rançongiciel classic, which does not use fault computer new or unknown tool, it is of the malicious software on the shelf that anyone can use,” says Emmanuel Gras, founder of the company specialized Alsid and old from the Anssi.
In the light of these elements, the track that the group YOUR 505 to have orchestrated the attack would be seriously considered by the ANSSI.
No liability of the CHU
The Rouen university hospital has not been implicated in the vulnerability that allowed the hackers to infiltrate its network.
“There are really no faults to individual staff, but simply errors of judgement. The development of digital in this type of health structures has often been a bit naive, no safety procedure is adapted. This is a concern for everyone, ” says the director of the ANSSI.
In the meantime, the computer system of the CHU is gradually returning to normal with all the medical applications that have been restored. However, the hospital is cautious and operate all of its computers without an internet connection, a measure to prevent another cyber attack during the period of investigation.
What do you think of this new track about the cyber-attacks? Give us your opinion in the comments section below
(Be the FIRST to vote)