The inter-municipal healthcare company Vivalia suffered, during the night from Friday to Saturday, a “large-scale” computer attack which led to the blocking of 200 servers and 1,500 computers in the hospitals and nursing homes of this active structure in the provinces. of Luxemburg. The consequences of this computer hacking are likely to be felt for some time yet, but the safety of patients in hospitals managed by the intermunicipal company is guaranteed, ensure Vivalia officials.
The cyberattack was detected shortly before 3:30 a.m. Very quickly, it was decided to take emergency measures to prevent the spread of the computer virus. All internet communications with the outside were cut, as well as computers and servers attacked, all running under the Windows operating system.
An emergency cell was convened immediately and the intermunicipal company quickly received the support of the governor of the province of Luxembourg and the Federal Judicial Police as well as police cybersecurity experts. “We are currently in the second phase. We are trying to identify the origin of the attack to plug the security breach before restarting, or even restoring, our IT systems”, explained Yves-Henri Serckx, IT director of Vivalia, Saturday followingnoon during a press conference.
Vital services provided
In the meantime, the cyberattack has consequences for the functioning of hospitals, but these seem to remain manageable. “Vital hospital services are preserved“, reassure the managers of Vivalia. According to Doctor Pascal Pierre, General Manager of Medical Affairs, “all the equipment in the intensive care units is working, as are the dialysis machines. Operating theater devices are also functional, as are emergency and coronary angiography devices.“.
On the other hand, the general telephone center of the Vivalia hospitals is no longer accessible, but the direct numbers allowing you to reach this or that service are.
We go back 40 years
Currently, nursing staff no longer have the means to consult a patient’s computer prescription file. “Fortunately, back-up systems make it possible to print the treatment that the patient should receive. We’re going to have to go back to paper and pen“, continues Doctor Pascal Pierre.
The two hospital services “most impacted” by the cyberattack are radiology and the laboratory. But x-rays are still possible, as are lab analyzes although the latter currently take longer.
To deal with this situation, no blood tests outside hospitals were carried out this Saturday morning while covid testing was suspended. “The question will arise at the beginning of next week whether or not to postpone or cancel consultations and operative activities. A new crisis meeting is scheduled for this Sunday morning“, for his part indicated Yves Bernard, acting general manager of Vivalia.
What is certain is that it will take some time before the intermunicipal company can restart all the servers and computer stations affected.
The origin of the cyberattack and the motivations of the hackers might not yet be clarified at this stage. For the moment, Vivalia has not received a ransom demand. Also at this stage, there is no indication that personal data of patients or residents of nursing homes has been stolen. “A priori, this attack was intended to paralyze our activity“, believes Yves-Henri Serckx.
In recent years, several Walloon hospitals have been victims of cyberattacks, such as the Wallonia Picardy Hospital Center in Tournai (ChWapi), at the start of 2021, or the André Renard clinic in Herstal, in 2019. In some cases, a ransom demand of 5,000 euros per computer server had been claimed. Vivalia includes six hospital sites, a polyclinic, four rest homes and rest and care homes, a psychiatric care home and three crèches, located in the province of Luxembourg.