SoCal Hospital Paid 17K Ransom to Computer Hackers

(AP/Hamodia) -
(Hollywood Presbyterian Medical Center)
(Hollywood Presbyterian Medical Center)

A Los Angeles hospital has paid a ransom in bitcoins equivalent to about $17,000 to hackers who infiltrated and disabled its computer network.

On Feb. 5, staff at the Hollywood Presbyterian Medical Center began to notice “issues accessing the hospital’s computer network,” hospital CEO Allen Stefanek said in a statement on Wednesday. A subsequent investigation “determined we had been subject to a malware attack.”

“The malware locks systems by encrypting files and demanding ransom to obtain the decryption key,” said Stefanek. “The quickest and most efficient way to restore our systems and administrative functions was to pay the ransom and obtain the decryption key. In the best interest of restoring normal operations, we did this.”

Stefanek said that the ransom requested was 40 bitcoins – currently worth $16,664 dollars.

The hospital’s electronic medical record system was restored on Monday, Feb. 15, and other systems continue to be brought back online.

“All systems currently in use were cleared of the malware and thoroughly tested,” read Stefanek’s statement. “We continue to work with our team of experts to understand more about this event.”

FBI spokeswoman Laura Eimiller said the agency is investigating the extortion plot.

Neither law enforcement nor the hospital gave any indication of who might have been behind the attack or whether there are any suspects.

In the statement Wednesday, Stefanek said that “this incident did not affect the delivery and quality” of patient care.

“Patient care has not been compromised in any way,” he said. “Further, we have no evidence at this time that any patient or employee information was subject to unauthorized access.”

However, in a report last weekend regarding what was then an ongoing incident, NBC Los Angeles said that Stefanek had said that the cyberattack was interfering with the hospital’s operations, including sporadic effects on the emergency room. The NBC Los Angeles report also quoted an unidentified doctor as saying that departments had been communicating by jammed fax lines as they had no email; that the medical office staff had not had access to email; that some outpatients had missed treatments and gone to other hospitals; and that prior medical records for patients who were admitted previously and are now being readmitted, are inaccessible.

The 434-bed hospital in the Los Feliz area of Los Angeles was founded in 1924. It was sold to CHA Medical Center of South Korea in 2004. It offers a range of services including emergency care, maternity services, cancer care, physical therapy, and specialized operations such as fetal and orthopedic surgeries.

Ransomware attacks can happen to everyone from individuals to large institutions.

Bitcoins, the online currency that is hard to trace, were quickly becoming the preferred way hackers collect a ransom, FBI Special Agent Thomas Grasso, who is part of the government’s efforts to fight malicious software including ransomware, told The Associated Press last year.

During 2013, the number of attacks each month rose from 100,000 in January to 600,000 in December, according to a 2014 report by Symantec, the maker of antivirus software.

A report from Intel Corp.’s McAfee Labs released in November said the number of ransomware attacks is expected to grow even more in 2016 because of increased sophistication in the software used to do it.

The company estimates that on average, 3 percent of users with infected machines pay a ransom. It’s not clear how many of those users were individuals and how many companies. Some ransomware attacks go unreported because the victims don’t want it publicized that they were hacked.