Previous Story
FBI, LAPD Investigate Cyber Attack at Hollywood Presbyterian Hospital
Posted On Feb 19 2016
Comment: Off
Neither law enforcement nor the hospital gave any indication of who might have been behind the attack or whether there are any suspects. It also seems as though the hospital was not specifically targeted, but was the subject of a random attack, meaning someone on the staff likely unknowingly clicked an infected link which installed a virus.
Cases such as this have been dubbed “ransomware”, and their increasing popularity is worrying to institutions such as hospitals that are not as up to date on computer security, according to the Associated Press.
“The quickest and most efficient way to restore our systems and administrative functions was to pay the ransom and obtain the decryption key”, hospital CEO Allen Stefanek said in a statement. “In the best interest of restoring normal operations, we did this”.
In order to unlock the encryption Vishwanath said, the hacker has to send a “key”, and if the decoder key isn’t sent, all the encrypted data is lost permanently.
Computer safety experts stated hospitals are notably weak as a result of some medical gear runs on previous working methods that can’t simply be safeguarded. Liza Myers, a researcher with a computer security firm, said that hospitals are “about 10 to 15 years behind the banking industry” when it comes to fielding cyberattacks.
The math behind whether to pay a ransom demand can be simple.
Patient care at Hollywood Presbyterian was not affected by the hacking, and there is no evidence any patient data was compromised, Stefanek said. The investigation is being carried out by the apex investigation authority in the country, and according to law enforcement sources, it has now come to light that the hospital paid the ransom before reaching out to law enforcement for assistance. Hollywood Presbyterian did not say why it made the disclosure, but its hand may have been forced by spreading rumors a week after the hack. The company stated that it’s “concentrating on these offenders and their scams”.
One cause hackers are interested in ransomware is that it may be created with relative ease – do-it-your self ransomware kits can be found – and the return on funding could be robust.
A report from Intel Corp.’s McAfee Labs released in November said the number of ransomware attacks is expected to grow even more in 2016 because of increased sophistication in the software used to do it.
If you are the target of a ransomware attack, Vishwanath said, log off of your intranet immediately to prevent the malware’s spread.
