The Hollywood Presbyterian Medical Center was hit by a ransomware attack that has caused untold damage for the facility and its patients. The FBI and Los Angeles Police Department have been called in to investigate.
The attack reportedly shut down the Hollywood hospital’s computer system on February 5. Hospital President and CEO Allen Stefanek told NBC LA that the staff began noticing “significant IT issues and declared an internal emergency.”
Although Stefanek claimed that patient care was not affected by the ransomware attack, he admitted that patients have been diverted to other hospitals. Additionally, an unnamed doctor at the hospital said the computers affected were essential for documenting patient care and the transmission of lab work, X-rays and CT scans. The attack left stored medical records for past patients inaccessible and some outpatients did not receive treatments as a result of the attack.
Several staff members at the Hollywood hospital have confirmed the ransomware attack and claim the hackers are asking for 9,000 bitcoins (approximately $3.6 million at current exchange rates) in exchange for the encryption keys to restore the system. It is unknown what variant of ransomware was used.
Stefanek claimed that the attack was random and was not malicious and that the FBI and LAPD have begun investigating. It is unknown as yet if any personally identifiable information or other sensitive patient data was stolen in the attack.
It is also unclear what kind of data backups were being used by the Hollywood hospital. Many experts agree that using encrypted, cloud-based storage to back up sensitive data can significantly mitigate the risks of ransomware attacks. Beyond that, experts often suggest that enterprises be more vigilant in educating employees about potential risks, because many bigger issues begin with smaller attacks like phishing.
Tim Erlin, director of IT security and risk strategy for Tripwire Inc., based in Portland, Ore., agreed this was likely the case.
“The attack was random in the sense that the attackers were not specifically targeting this hospital,” Erlin said. “A targeted attack includes specific tactics and objectives that pertain to an organization or individual. Ransomware is not a new tool for attackers. Its objective is to encrypt valuable data and then require a ransom for the decryption key. This type of attack works for any organization that has sensitive data, from hospitals and police stations, to the average consumer.”
“We’re talking about cyber safety, not just cybersecurity. The average consumer may not realize how vitally important effective electronic communication is for a hospital. Disruption of that communication slows treatment, and creates real risk to human life,” Erlin said. “An attacker can significantly impact a hospital’s ability to deliver care without directly attacking medical devices themselves. Hospitals should include these kinds of cyberattacks in their disaster recovery plans.”