A Los Angeles hospital's computers are up and running again after it paid a $17,000 ransom in bitcoins to hackers who infiltrated and disabled its network. The gambit isn't new, but it appears to be on the rise, especially in healthcare.
“The quickest and most efficient way to restore our systems and administrative functions was to pay the ransom and obtain the decryption key,” Hollywood Presbyterian Medical Center CEO Allen Stefanek said in letter posted last week on the hospital's website. “In the best interest of restoring normal operations, we did this.”
Authorities are investigating it as a so-called ransomware attack, in which hackers encrypt a computer network's data to hold them “hostage,” providing a digital decryption key to unlock the data for a price.
Katherine Keefe, global focus group leader of breach response services for London-based insurer Beazley, said the company has seen an uptick in ransomware attacks against its clients in the past six to eight months.
Healthcare organizations, along with small businesses and schools, make good targets for ransomware attacks because they don't typically have the sophisticated backup systems and other resilience measures commonly installed in large corporations, said Lillian Ablon, a cybersecurity expert with the RAND Corp.