Hollywood hospital held to ransom by cybercrooks

A Hollywood hospital has been crippled by a cyberattack, with crooks reportedly holding its data hostage and demanding 9,000 in Bitcoin – about $3.4 million – to give it back.

According to NBC, as of Friday, ambulances were being diverted from Hollywood Presbyterian Medical Center, staff were reduced to using pen and paper to take down patient information, departments had to communicate via fax, and patients had to come to the hospital to pick up test results because email servers had been shut down.

The attack started a week earlier, on 5 February.

The hospital has released little information about how the cyberattack was carried out, so we don’t know whether it occurred through a network hack and an emailed ransom message, or through multiple infections of ransomware.

A doctor who requested anonymity told NBC simply that the hospital’s system was hacked and was being held for ransom.

Allen Stefanek, the hospital’s President and CEO, told NBC that the hospital first became aware of the attack when staff began noticing “significant IT issues” and declared “an internal emergency.”

He said that the FBI is investigating. The hospital has also been getting assistance from the Los Angeles Police Department (LAPD) and cyberforensics experts.

Stefanek said that patients aren’t in danger. But as it is, staff can’t access patients’ medical records, including their medical histories, lab results, X-rays or CT scans.

Doctors are reportedly growing frustrated with the delay in resolving the issue, and patients are experiencing delays in care.

Fearing that whatever is behind the attack could get worse, management has forbidden staff to turn on their computers.

The healthcare blog The Medical Quack says that according to its sources, the computer-reliant Radiation and Oncology departments have been completely shut down.

Stefanek said that so far, there’s no evidence that health data has been compromised in what he called a “random” attack:

“At this time, we have no evidence that any patient or employee information was the subject of unauthorized access or extraction by the attacker.”

We don’t know whether the hospital will pay the ransom to get the files back – it’s obviously a very difficult decision to make. On the one hand, staff need to be able to access patient data. But on the other hand, if the hospital does pay, it would be funding criminals – and with little certainty that the hackers wouldn’t simply come back right away.

The FBI in October caused a stir when it said that it often advises ransomware victims to just pay the ransom.

Joseph Bonavolonta, Assistant Special Agent in Charge of the Cyber and Counterintelligence Program in the FBI’s Boston office, at the time said that the “overwhelming majority of institutions just pay the ransom.”

Victims often get back access to their data after they pay, he said.

Hopefully the hospital can resolve this quickly, and staff can get back access to those precious records soon.
