Bitcoin demanded as Hollywood hospital computer systems shut down in ransomware attack
How low can a ransomware attacker go?
The answer to that question is apparently a hospital, with news that computers at the Hollywood Presbyterian Medical Center have been taken offline following a ransomware attack.
According to reports, the people behind the hack have demanded 9,000 Bitcoin ($3.6 million) to return access to internal systems, which have now been inaccessible for over one week.
The attack has been declared an internal emergency, and the hospital’s emergency room systems have been sporadically impacted by the malware, although the hospital itself is claiming that medical records have not been compromised.
Although no one is believed to have died due to the attack, some patients are said to have been transported to other hospitals due to the incident as vital systems needed for patient care, including CT scans, documentation, lab work and pharmacy needs are inaccessible.
Doctors and medical staff have resorted to telephone calls, fax machines, and keeping paper records, and patients are being told they must travel to pick up medical test results in person rather than receive them electronically.
The Federal Beueu of Investigation (FBI), Los Angeles Police, and computer forensics experience hired by the hospital are investigating the attack, although rather strangely at this stage are claiming that the attack itself was random versus being specifically targeted at the facility.
Life & Death
Ransomware is certainly not a new menace and there have been no shortage of attacks demanding Bitcoin payments of late, but attacking a hospital is something beyond the pale.
The type of Ransomware responsible for shutting down the hospital remains unknown, but you’d put money on it being a recent variant of Cryptowall given the systems remain down for over a week.
Cryptowall 3.0 was reported by the Cyber Threat Alliance in November as raking in increasingly large amounts of funds due to its insidious, and difficult to counter takeover of systems that perform several evasive actions to avoid detection once they are in a system.
There have been efforts to track down those using Cryptowall previously, with many previous attacks believed to originate from a single entity that operates out Armenia, Belarus, Iran, Kazakhstan, Russia, Serbia and Ukraine, but with a hospital now being attacked perhaps authorities will step up their efforts to counter these attacks, given it’s no longer a case of people’s financial well being at stake, but their actual life and death.
Image credit: toolshed4/Flickr/CC by 2.0
A message from John Furrier, co-founder of SiliconANGLE:
Your vote of support is important to us and it helps us keep the content FREE.
One click below supports our mission to provide free, deep, and relevant content.
Join our community on YouTube
Join the community that includes more than 15,000 #CubeAlumni experts, including Amazon.com CEO Andy Jassy, Dell Technologies founder and CEO Michael Dell, Intel CEO Pat Gelsinger, and many more luminaries and experts.
THANK YOU