Wednesday, February 24, 2016 by Greg White
Hollywood Presbyterian Medical Center chose to pay a $17,000 ransom to hackers who took the institution’s computer network hostage. The hackers said they wouldn’t hand the computer systems over until the medical center paid the ransom, according to the hospital’s chief executive on Monday.
The incident took place on Feb. 5th when hackers used a piece of malware known as ransomware to infect the facility's computers and prevent hospital workers from communicating with the devices, noted Chief Executive Allen Stefanek. The hackers demanded 40 bitcoin, which is nearly $17,000.
“The malware locks systems by encrypting files and demanding ransom to obtain the decryption key. The quickest and most efficient way to restore our systems and administrative functions was to pay the ransom and obtain the decryption key,” Stefanek said. “In the best interest of restoring normal operations, we did this,” he added.
Hackers who target individuals and institutions are quite common; however, attacking a hospital is unusual and considered low even by hacker standards. “I have never heard of this kind of attack trying to shut down a hospital. This puts lives at risk, and it is sickening to see such an act,” Phil Lieberman, a cybersecurity expert, told sources. “Health management systems are beginning to tighten their security,” he added.
Hospital officials said they contacted authorities and were able to regain control over the hospital's computer systems by Monday, ten days later, with the aid of technology experts. Hospital staff had to resort to pen and paper to keep records. Stefanek said the quality of patient care was not affected by the ransom, and that there is no evidence to suggest that patient data was harmed.
“Unfortunately, a lot of companies don’t tell anybody if they had fallen victim to ransomware and especially if they have paid the criminals,” Adam Kujawa, Head of Malware Intelligence for Malwarebytes, told sources. “I know from the experiences I hear about from various industry professionals that it’s a pretty common practice to just hand over the cash.”
Computer security authorities usually encourage people not to pay the ransom; however, in some instances, law enforcement agencies recommend that they do, Kujawa explained.
According to a report from Corp.’s McAfee Labs issued in November, ransomware attacks are expected to be on the rise in 2016 because of advances in the software used to carry them out. The organization calculates that three percent of users with infected computers pay ransoms.
The hospital did not say whether law enforcement recommended paying the ransom in order to secure the key used to regain control of the data. Laura Eimiller, an FBI spokeswoman, said the bureau has taken over the investigation but did not give details about the case.
The only specific the FBI provided was that ransomware was the technology behind the attack. Authorities told The Times that the hospital paid the ransom prior to contacting the police for help. Neither the hospital nor law enforcement has any idea who the hackers were.
Bitcoin is becoming a popular form of currency among hackers because it is hard to trace. Federal law requires hospitals to report medical data breaches that affect 500 people or more. Since 2010, a minimum of 158 medical facilities, hospitals and insurers have reported hacking incidents or incidents in which patient data was compromised.
Ransom attacks are still uncommon, but cyber attacks on hospitals have become more frequent in recent years. In July, hackers may have acquired the medical records of 4.5 million people from UCLA Health System’s computer network.