Feb 19 -While it was not the first hacked organization to acquiesce to attackers’ demands, the California hospital that paid $17,000 in ransom to hackers to regain control of its computer system was unusual in one notable way: It went public with the news.
Hollywood Presbyterian Medical Center relented to the demands, President Allen Stefanek said, because he believed it was the “quickest and most efficient way” to free the Los Angeles hospital’s network, which was paralyzed for about 10 days.
That announcement sparked fears Thursday among hospitals and security experts that it would embolden hackers to launch more “ransomware” attacks and calls in California for tougher laws.
“It’s no different than if they took all the patients and held them in one room at gunpoint,” said California State Senator Robert Hertzberg, who on Thursday introduced legislation to make a ransomware attack equivalent to extortion and punishable by up to four years in prison.
Stefanek said on Wednesday that his hospital paid hackers a ransom of $17,000 in bitcoins to regain control of their computer systems after the cyber attack.
Because hackers hide their identities and demand payment in bitcoin, authorities may have to work harder to find them than if they used old-fashioned methods.
But cyber-crime experts say that they can still be traced.
“The public nature of the network does give law enforcement an angle to help defeat them,” said Jonathan Levin, co-founder of Chainalysis, a New York company working with bitcoin users. “But it’s a game of cat and mouse.”
Stefanek said in a statement that paying the ransom was the “quickest and most efficient way” of regaining access to the affected systems, which were crippled on Feb. 5 and interfered with hospital staff’s ability to communicate electronically.
He said there was no evidence that any patient or employee information was accessed in the so-called malware attack, and that the hospital fully restored access to its electronic medical record system this Monday.
“Patient care has not been compromised in any way,” Stefanek said.
Stefanek said the attack locked them out of their systems by encrypting files for which only the hackers had the decryption key. He said the hospital notified law enforcement and computer experts worked feverishly to restore system access and uncover the source.
The origin of the computer network intrusion remains unknown but it bogged down communications between physicians and medical staff who suddenly became had to rely on paper records and doctors’ notoriously messy handwriting, according to doctors and the Federal Bureau of Investigation.
Although the cyber attack snarled the hospital’s patient database, doctors managed to relay necessary medical records the old-fashioned way through phone lines and fax machines, said Dr. Rangasamy Ramanathan, a neonatal-perinatal specialist affiliated with the 434-bed facility.
The FBI and the Los Angeles Police Department are working to pinpoint the hacker or hackers responsible for the intrusion, FBI spokeswoman Laura Eimiller said on Wednesday.
Ransomware is big business for cyber criminals and security professionals. Although ransoms typically are less than the hospital paid, $200 to $10,000, victims of a ransomware known as CryptoWall reported losses over $18 million from April 2014 to June 2015, the FBI said.
Ransomware attacks climbed sharply in 2014, when Symantec observed some 8.8 million cases, more than double the previous year. IBM said that last year more than half of all customer calls reporting cyber attacks involved ransomware.