Hackers are demanding a ransom payment of $3.6 million following an attack against a Southern California hospital.
NBC4 reports that staff at the Hollywood Presbyterian Medical Center began noticing “significant IT issues and declared an internal emergency” late last week.
A doctor who wishes to not be identified told NBC4 that the hospital’s IT system had been hacked and was being held for ransom.
Computer forensics experts, the FBI, and the Los Angeles Police Department are currently investigating the attack.
In the meantime, the hospital continues to cope with a degraded computer network.
All other departments have resorted to communicating via jammed fax and phone lines, with registrations and medical records being logged on paper.
As a result of these complications, some outpatients have missed their treatments, while some patients are being transferred to other hospitals.
CSO Online notes that the type of malware used in the hospital attack is currently unknown. However, a local computer consultant has stated that the hackers are demanding a ransom of 9,000 Bitcoins be paid – approximately $3.6 million – in return for the restoration of the hospital’s data.
Security observers balked at reports that attackers were demanding a ransom payment of £1 million for an attack against Lincolnshire County Council earlier in February.
So, no one was really surprised when BBC News stated that the earlier claim of £1 million had been revised to a paltry £350.
$3.6 million, by comparison, is about twice the first-reported ransom demand in the Lincolnshire attack, and no-one has so far denied its accuracy.
Catalin Cimpanu of Softpedia believes that only two scenarios are plausible: either the ransomware spread to a number of computers in the hospital via a local LAN server, causing the ransom demand for all affected computers to total 9,000 BTC, or the attackers are exploiting the infection of a small number of key computers to an almost unreal degree.
This case highlights the importance of regular data back-ups for organizations and ordinary users alike.
At this time, it is unclear to what extent patients’ information might have been affected by the attack. We can only hope that secure backups of encrypted data have been maintained, or that the forensics experts identify the ransomware quickly and find it to be a variant for which a decryption tool has already been produced. Otherwise the hospital could face a very heavy payment in its near future.
Found this article interesting? Follow Graham Cluley on Twitter to read more of the exclusive content we post.