Cyberattack Paralyzed U.S Hospital

Uploaded on 2016-02-29 in TECHNOLOGY--Hackers, NEWS-Cybersecurity News, FREE TO VIEW, BUSINESS-Services-Health & Welfare

Doctors have been locked out of patient records for more than a week by hackers who are demanding money to release the data.   A hospital in Los Angeles has been operating without access to email or electronic health records for more than a week, after hackers took over its computer systems and demanded millions of dollars in ransom to return it.

The hackers that broke into the Hollywood Presbyterian Medical Center’s servers are asking for $3.6 million in Bitcoin.  The hospital’s staff is working with investigators from the Los Angeles Police Department and the FBI to find the intruders’ identities.

Meanwhile, without access to the hospital’s computer systems, doctors and nurses are communicating by fax or in person. Medical records that show patients’ treatment history are inaccessible, and the results of X-rays, CT scans, and other medical tests can’t easily be shared. New records and patient-registration information are being recorded on paper, and some patients have been transferred to other hospitals.

A recording on a media-relations phone line at the hospital said that “patient care has not been compromised” after the cyberattack, but a spokesperson was unavailable for further comment.

The fact that hackers were able to encrypt patient records doesn’t necessarily mean they gained access to those files, but the goal of this type of cyberattack isn’t to get to patient information; it’s to make sure that the hospital can’t get to it, either. Viruses and malware that take over a server or a computer and demand money to return it are known as ransomware. The tactic has spread in popularity in recent years, as hackers take advantage of the increase in networked devices, gadgets, and servers.

When a number of small police departments in Massachusetts, Tennessee, and New Hampshire were hit with separate ransomware attacks, all three paid between $500 and $750 to get their data back.

Alan Stefanek, the CEO and president of Hollywood Presbyterian, told NBC reporters that the cyberattack on his hospital was “random” and not malicious. If that’s the case, then it’s possible someone at the facility clicked on an infected link in an email or a pop-up ad and introduced a virus onto the hospital network.

When a ransom-seeking virus infects a computer or server, it starts by encrypting the contents of the device. Using publicly available encryption methods, an attacker can lock up the contents of a device so effectively that even the FBI has given up on decryption efforts in the past. The attacker then offers the key to the victim’s now-encrypted files back to the user—for a price. The average ransom demand is just $300, but if a hacker knows they’ve bested a wealthy organization desperate for its data back, they’re likely to dream much bigger.

If the hospital chooses to pay the ransom, or negotiate terms for the release of its data, it will not be the first health-and-safety organization to do so. When a number of small police departments in Massachusetts, Tennessee, and New Hampshire were hit with separate ransomware attacks, all three paid between $500 and $750 to get their data back.

Those departments paid because the data they’d lost was essential, and federal law-enforcement attempts to defeat the ransomware were unsuccessful. Hollywood Presbyterian patient-record history and email archives are likely just as indispensable, but the reported seven-digit asking price dwarfs the $500 hackers got from the police departments.
While it’s unlikely that the facility will pay millions of dollars to restore its databases and systems, it’s in desperate straits without a backup of its patient files. Unless law enforcement can break the encryption keeping the data hostage, the hospital may be forced to start from scratch.

The Atlantic:

« PWC On The Hunt For 1,000 Data Scientists
Retailers Are Hardest Hit by Malware »

CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Verimuchme

Verimuchme

Verimuchme is a digital wallet and exchange platform to secure, verify and re-use personal information.

Robert Bosch Centre for Cyber-Physical Systems (RBCCPS)

Robert Bosch Centre for Cyber-Physical Systems (RBCCPS)

RBCCPS is an interdisciplinary research and academic centre within the Indian Institute of Science focused on research in cyber-physical systems.

Averon

Averon

Averon's technology is the new gold standard for digital identity - the easiest, fastest and most secure verification solution for users on both WiFi and LTE.

Managed Security Solutions (MSS)

Managed Security Solutions (MSS)

MSS deliver consultancy services and managed security services for IT departments who may lack the time, resources, or expertise themselves.

OXO Cybersecurity Lab

OXO Cybersecurity Lab

OXO Cybersecurity Lab is the first dedicated cybersecurity incubator in the Central & Eastern Europe region.

Y-PARC

Y-PARC

Y-PARC is a center of excellence for cybersecurity, precision industries and medtech, fostering innovation and development and support for startups.

ProofID

ProofID

ProofID is a specialist provider of Identity Access Management (IAM) solutions. We focus on the solving the complex needs of the modern enterprise.

Blaick Technologies

Blaick Technologies

Blaick is an Israeli cyber-security company which deploys proprietary Artificial Intelligence threats detection technology for early prevention of online cyber crime.

Terralogic

Terralogic

Terralogic is a software and IT services company, an expert in IoT, Cloud, DevOps, App development and Cybersecurity.

Pakistan Telecommunication Company Limited (PTCL)

Pakistan Telecommunication Company Limited (PTCL)

Pakistan Telecommunication Company Limited (PTCL) is the largest integrated Information Communication Technology (ICT) company of Pakistan.

Assured Clarity

Assured Clarity

Assured Clarity are a global consultancy, specialising in Risk Management and Data Privacy, through Education, Awareness and Training, throughout an organisation.

SequelNet

SequelNet

SequelNet is an emerging MSP, providing 360° business IT solutions and consulting services.

ConvergePoint

ConvergePoint

ConvergePoint is the leading compliance software provider on the Microsoft Office 365 SharePoint platform.

Northern Computer

Northern Computer

Northern Computer provides comprehensive IT solutions that streamline your operations and help you achieve your business goals.

Vault Cloud

Vault Cloud

Vault Cloud, Australia's National Cloud, is an Australian owned and operated company specialising in secure, sovereign, hyperscale cloud infrastructure.

Securily

Securily

Securily offers the ultimate solution for small to medium-sized businesses, blending cutting-edge AI with expert human insight to deliver the world’s easiest and most effective pentesting experience.