Ransomware: Hospital In Washington, D.C. Is Latest Medical Facility To Be Attacked

Just how secure are computers in our hospitals? On April 1, computer hackers used ransomware to attack Medstar, which has multiple hospitals in the Washington, D.C and Maryland area. The ransomware attack forced every computer in every one of Medstar’s hospitals to be taken offline.

What Is Ransomware?

Ransomeware is the latest type of virus that hackers are using in order to generate income. First discovered in 2013, the virus completely takes over a computer. The user can’t access or do anything while the ransomware has the computer locked down. In order to regain access to the computer, a specific amount of money needs to be paid. The payment information is normally on the screen once the ransomware has taken over. If the ransom is paid, control of the computer is restored by the hacker who locked it down.

The FBI is investigating the ransomware problem at each hospital under the Medstar banner. The FBI declined to say if a ransom was asked for during the hospital hack. A comment was made in regard to progress being made that would restore the computer systems.

“I do not know when the systems would be restored or the type of virus involved, but significant progress toward restoring functionality of our clinical systems has been made.”

On Thursday, a cyber alert was issued by the United States and Canada that warned against ransomware attacks. Security experts state that attacks using ransomware are likely to increase. The sophistication involved in ransomware attacks has computer security experts scrambling to protect computers from this new style of hacking. The joint cyber alert was issued by the U.S. Department of Homeland Security and the Canadian Cyber Incident Response Centre. Part of the statement can be found below.

“Infections can be devastating to an individual or organization, and recovery can be a difficult process that may require the services of a reputable data recovery specialist.

“Paying the ransom does not guarantee the encrypted files will be released. It only guarantees that the malicious actors receive the victim’s money, and in some cases, their banking information.”

Last month, a hospital in California was victimized by a ransomware virus. The computers at the Hollywood Presbyterian Medical Center were rendered useless when a hacker was able to get ransomware on their systems. The hacker demanded that the hospital pay 40 Bitcoins ($17,000). If the ransom was paid, the hacker would give the hospital a decryption key that would allow them to regain access to their computers. Allen Stefanek, the CEO of Hollywood Presbyterian Medical Center, decided that paying the ransom was the right thing to do.

“The quickest and most efficient way to restore our systems and administrative functions was to pay the ransom and obtain the decryption key. In the best interest of restoring normal operations, we did this.”

Adam Kujawa, Head of Malware Intelligence for Malwarebytes, commented on the growing computer problem related to ransomware.

“Unfortunately, a lot of companies don’t tell anybody if they had fallen victim to ransomware and especially if they have paid the criminals. I know from the experiences I hear about from various industry professionals that it’s a pretty common practice to just hand over the cash.”

Ransomware forces hospital networks to shut down, resort to paper https://t.co/IQGVLxUC2W pic.twitter.com/v0hDYceKlS

— Graham Cluley (@gcluley) March 29, 2016

Cyber security experts, along with law enforcement, state that any person or institution that has their computer taken over by ransomware should not pay what the hacker demands. It is believed that if the ransom is paid, hackers become more confident and dangerous. Paying the ransom gives the hackers more money to develop better ransomware and it shows them that people will pay in order to regain access to their computers.

Do you think the hospital should pay what the ransomware hacker is demanding?

[Image Via Carlos Amarillo/Shutterstock]