Los Angeles hospital attack concerns cybersecurity experts

February 19, 2016 by Justin Pritchard

Cybersecurity experts worry that the $17,000 a Los Angeles hospital paid hackers to regain control of its computers could signal a troubling escalation of the growing "ransomware" threat.

Though patient care was not "compromised in any way," Hollywood Presbyterian Medical Center paid the bounty "in the best interest of restoring normal operations," President Allen Stefanek said in a written statement.

A typical attack starts when a person opens an emailed link or attachment. Malicious code locks the computer—or, worse, an entire network. Victims pay hackers for a "key" to unlock their machines—and may be desperate to do so if they have not diligently backed up their data and networks.

Many ransomware victims pay quietly, or abandon infected machines. It was unusual that Hollywood Presbyterian, which has more than 400 beds and is owned by CHA Medical Center of South Korea, both revealed the attack publicly and disclosed its cost.

Computer security experts said hospitals are particularly vulnerable because some medical equipment runs on old operating systems that cannot easily be safeguarded. If an employee opens an infected file from a computer that also connects with a patient monitoring station or insulin pump, those devices also could be locked.

Hospitals have not been as diligent in combating cyber threats such as ransomware as other sectors, according to several experts, despite the life-and-death nature of their operations, their tight control over patient information and mandates that they move toward electronic record keeping.

Hospitals are "about 10 to 15 years behind the banking industry" in combatting cyber threats, said Lysa Myers, a researcher with the computer ESET.

The math behind whether to pay a ransom demand can be simple.

Paying thousands of dollars to resolve a serious attack that has penetrated a multimillion dollar business such as a large hospital would be "a no brainer," said James Carder, chief information security officer of LogRhythm, a security intelligence and analytics firm.

Several companies have told Carder that the FBI suggested they pay ransom, he said. Jason Haddix, the director of technical operations at the information security firm Bugcrowd, said companies also have told him the same.

"If you're at a point where you can't do anything," said Haddix, "sometimes the only option is to pay."

An FBI spokeswoman did not immediately respond when asked whether the FBI has in some cases suggested that a company pay. The agency said it is investigating the Hollywood Presbyterian case.

"Ransomware has been around for several years, but there's been a definite uptick lately in its use by cyber criminals," the FBI wrote in a 2015 post on its website. The agency said that it is "targeting these offenders and their scams."

Hollywood Presbyterian paid 40 bitcoins, a digital currency of floating value that on Thursday was worth about $420 each. The problem was first noticed Feb. 5, hospital president Stefanek said, and its system was fully functioning 10 days later.

One reason hackers are attracted to ransomware is that it can be created with relative ease—do-it-yourself ransomware kits are available—and the return on investment can be strong.

To launch a ransomware campaign that lasts one month might cost $5,900, and generate about $90,000 in revenue, according to projections by the cyber security firm Trustwave.

A report from Intel Corp.'s McAfee Labs released in November said the number of ransomware attacks is expected to grow in 2016 because of increased sophistication in the software used to do it. The company estimates that on average, 3 percent of users with infected machines pay a ransom.

While a hacker may get several hundred dollars to unlock many individual computers, getting $17,000 is a decent payday. Based on the public confirmation of that figure, hackers are "going to begin to test the price," said Jack Danahy, chief technology officer at cyber security firm Barkly.

The best defense against a ransomware attack is not to click on unknown links and attachments. Intrusion detection systems and firewalls can help if a person does click—but once the ransomware is entrenched, if the system does not have good system backup practices, the choices boil down to paying or never regaining control.

Explore further: Hospital paid 17K ransom to hackers of its computer network

Related Stories

Hospital paid 17K ransom to hackers of its computer network

February 18, 2016

A Los Angeles hospital paid a ransom of about $17,000 to hackers who infiltrated and disabled its computer network because paying was in the best interest of the hospital and the most efficient way to solve the problem, the ...

A Q&A about the malicious software known as ransomware

April 8, 2015

Ransomware is a growing threat to computer users, who can suddenly find they're unable to open or use their files when their machines are infected. The malicious software can attack any user—an individual, small business, ...

Can we stay safe against the threat of ransomware?

August 10, 2015

The possibility of losing all of your files and photos on your computer is a frightening prospect for most people. So much so, that large numbers of users are choosing to pay the criminals holding them to ransom rather than ...

Dutch nab hackers setting ransoms to unlock computers

September 17, 2015

Dutch police revealed Thursday they have arrested two young hackers who infiltrated a type of malware known as "ransomware" to access thousands of computers worldwide, before demanding money to unlock the machines.

Recommended for you

Samsung to disable Note 7 phones in recall effort

December 9, 2016

Samsung announced Friday it would disable its Galaxy Note 7 smartphones in the US market to force remaining owners to stop using the devices, which were recalled for safety reasons.

Swiss unveil stratospheric solar plane

December 7, 2016

Just months after two Swiss pilots completed a historic round-the-world trip in a Sun-powered plane, another Swiss adventurer on Wednesday unveiled a solar plane aimed at reaching the stratosphere.

Solar panels repay their energy 'debt': study

December 6, 2016

The climate-friendly electricity generated by solar panels in the past 40 years has all but cancelled out the polluting energy used to produce them, a study said Tuesday.

0 comments

Please sign in to add a comment. Registration is free, and takes less than a minute. Read more

Click here to reset your password.
Sign in to get notified via email when new comments are made.