Previous Story
Hospital pays bitcoin ransom after malware attack
Posted On Feb 21 2016
Comment: Off
The unknown hackers seized control of the hospital’s computer systems and would only give access back if a $17,000 ransom was paid in bitcoins.
Computer security experts said hospitals are particularly vulnerable because some medical equipment runs on old operating systems that can not easily be safeguarded. “We were advised that paying the ransom in these situations is often the most timely way to restore the affected systems and administrative functions, which we did”, Stefanek said. “In the best interest of restoring normal operations, we did this”.
The medical center was hit with the attack on February 5, which left employees without access to the electronic health record systems and email for more than a week.
Stefanek said that computer experts and law enforcement were informed immediately and ten days after the attack, the network was in full operation again.
Given that law enforcers from the Federal Bureau of Investigation and LAPD were said to have been drafted in to investigate the attack, it seems that their advice was to pay the ransom – hinting that the variant used was one which couldn’t be cracked, like Cryptowall.
There were speculations that the hackers demanded 9000 bitcoins in ransom.
Bitcoin is a form of digital currency that is increasingly becoming the favorite way for bitcoing hackers to collect ransom money.
Hospital officials maintain that there is no evidence that patient data was stolen from the network, and Stefanek said that “patient care was not compromised in any way”.
The FBI said it is investigating the ransomware attack, but have provided no details beyond that.
Two police departments in MA recently paid off ransomware hackers after losing access to their files. Intrusion detection systems and firewalls can help if a person does click but once the ransomware is entrenched, if the system does not have good system backup practices, the choices boil down to paying or never regaining control.
According to security firm Symantec, during 2013, the number of attacks each month rose from 100,000 in January to 600,000 in December, according to a 2014 data collected by the company.
