Hollywood hospital coughs up Bitcoin to end ransomware attack

Hollywood hospital coughs up Bitcoin to end ransomware attack

The Hollywood Presbyterian Medical Center revealed Wednesday that it had decided to pay the ransom to hackers who had infected their computer system with ransomware.

Although initial reports suggested that the ransom demanded was 9000 Bitcoin ($3.6 million), the amount paid by the hospital was only the significantly lower sum of 40 Bitcoin ($17,000).

The attack, which occurred last week, shut down vital systems needed for patient care, including CT scans, documentation, lab work and pharmacy needs, as well as sporadically impacting emergency room systems.

Doctors and medical staff were reported to have resorted to telephone calls, fax machines (apparently they still exist) and keeping paper records, and patients were being told they must travel to pick up medical test results in person rather than receive them electronically.

Fortunately, it is believed no one died due to the attack, but some patients had to be transported to other hospitals for treatment.

“The malware locks systems by encrypting files and demanding ransom to obtain the decryption key. The quickest and most efficient way to restore our systems and administrative functions was to pay the ransom and obtain the decryption key,” Hollywood Presbyterian Medical Center Chief Executive Officer Allen Stefanek told The Los Angeles Times. “In the best interest of restoring normal operations, we did this.”

Bad precedent

You can understand why the hospital agreed to pay up and 40 Bitcoin isn’t a huge amount to pay, but the decision to pay the ransom sets an appallingly bad precedent that will only encourage those running ransomware rings to increase their attacks.

There’s also the chance now, particularly given the widespread media attention this case has obtained, that more hospitals will be attacked as they may be perceived as being soft targets.

Details are not available on the exact form of ransomware used in the attack, and the Federal Bureau of Investigation (FBI) isn’t commenting publicly on the investigation, but we’d still put money on Cryptowall 3.0 or a new variant given the hospital could find no way of retaining control over their systems.

RELATED:  Former St. Louis Cardinals scouting director Chris Correa gets 46 months for hacking Houston Astros

The attack is still being labeled as “random” but as a pure security lesson it’s important to note that the primary attack vector for Cryptowall is through a phishing campaign, which means that someone, somewhere in that hospital received an email and let the ransomware in; ultimately the best security any enterprise can implement is to stop the infection happening to begin with and that’s by beefing up email security and staff training.

If attack is the best form of defense that attack has to be at the gateway while the wolf is still at the door.

Image credit: tambako/Flickr/CC by 2.0
Duncan Riley

Duncan Riley

Duncan Riley is a senior writer at SiliconANGLE covering Startups, Bitcoin, and the Internet of Things.

Duncan is a co-founder of VC funded media company B5Media and founder of news site The Inquisitr, and was a senior writer at TechCrunch in its earlier days.

Tips? Press releases? Intersting startup? email: duncan@nichenet.com.au or contact Duncan on Twitter @duncanriley
Duncan Riley

SIGN UP FOR THE SiliconANGLE NEWSLETTER!

Join our mailing list to receive the latest news and updates from our team.

SIGN UP FOR THE SiliconANGLE NEWSLETTER!

Join our mailing list to receive the latest news and updates from our team.

Submit a Comment

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>

Share This

Share This

Share this post with your friends!