Hollywood Presbyterian Medical Center appears to have paid a ransom to have its patient data back. The Los Angeles hospital secured access to its decrypted computer network after cybercriminals were paid about $17,000 in crypto-currency bitcoin.
In a major blow to the war against the thriving cybercrime of ransomware, Hollywood Presbyterian Medical Center paid a ransom of 40 bitcoins, currently worth $16,664 dollars, to hackers who infiltrated and disabled its computer network, thereby bringing patient care to a grinding halt. Not wanting to jeopardize the functioning of the hospital and risk the lives of its patients, the medical center decided to pay the cybercriminals. “It was the most efficient way to solve the problem,” shared the medical center’s chief executive, reported NBC News.
CEO of Hollywood Presbyterian Medical Center Allen Stefanek confirmed that the ransom had been paid to regain access to the hospital’s computer systems, and more importantly to patient medical data.
“The quickest and most efficient way to restore our systems and administrative functions was to pay the ransom and obtain the decryption key. In the best interest of restoring normal operations, we did this.”
The hacker had assured that the hospital staff would have instant access to the critical medical history of all its patients only when the money was paid.
The CEO confirmed that releasing the ransom has unlocked the data. After the ransom was transferred electronically, the hospital was able to regain control of its system and electronic data access was restored on Monday. The IT staff cleared the malware, added Stefanek.
He categorically noted that patient care wasn’t affected by the outage and there was “no evidence” that any patient or employee information was subject to unauthorized access, reported Market Watch. However, NBC Los Angeles had earlier reported that many patients who had dialed 911 during the time the hospital was under cyber-attack were redirected to other hospitals as a precautionary measure.
— IT Governance (@ITGovernance) February 16, 2016
Stefanek mentioned that the hospital first noticed the malware in its computer system on February 5, after many among his staff complained about the inability to access medical records of patients. None of the staff were able to share any communication or update medical records electronically. This severely restricted the hospital’s functionality and heavily burdened the attending medical personnel who were unable to offer patient care without their trusty electronic patient database.
The Hollywood Presbyterian Medical Center and its management had a simple dilemma in front of them. Either they could fork over the ransom and quickly regain access to their critical patient data or search for workarounds to the lockdown of files and systems. Incidentally, increasing number of establishments are facing such a predicament. The Federal Bureau of Investigation (FBI) strongly insists not to pay ransom as it only fuels the cybercrime wave, reported the Inquisitr.
Though the ransom has been paid, the FBI is investigating the attack, commonly referred to as “ransomware,” in which the hackers encrypt the victim’s computer network and the data. The cybercriminals first gain access to the system through innovative ways, most common being a malware-laced email. Once the system is locked, the hackers then contact the management of the establishment and inform about the attack, and offer to unlock their system, for a fee.
— Catalin C. (@campuscodi) February 14, 2016
Cybercriminals often hold the digital data as “hostage” and demand a ransom, usually in the form of crypto-currencies like bitcoin in exchange for a digital decryption key. This is precisely what happened to the Hollywood Presbyterian Medical Center and the management thought it wise to comply.
Though physicians and medical staff attempted to continue their work with handwritten notes, given the notoriously messy scribbles that are virtually ineligible, the medical center might have considered it was easier to simply pay the ransom. Nonetheless, this move by the Hollywood Presbyterian Medical Center will undoubtedly be criticized as it only encourages cybercriminals, reported the Village Sun Times.
[Photo By John Moore/Getty Images]