Unfortunately you don’t have to be the NSA Hacker Chief to hack a hospital. Ransomware has been on the rise for years, but this most recent incident might be the most heavily publicized example yet.
Ransomware is a type of malware that involves hackers locking your computer or keyboard until you pay a ransom. This ransom is generally asked for in the form of bitcoin, the untraceable internet currency that is used legitimately and illegitimately around the world.
Private users and public agencies have seen fit to pay the ransom, although sometimes the hacker is ill-intentioned enough to not even restore access to the user’s computers. I believe an entire district police force once opted to pay the ransom, though if I remember correctly they did end up getting their data back.
The most recent victim of a ransomware attack is a testament to how egregious these hackers’ choices can be; the Hollywood Presbyterian Medical Center in Los Angeles has been forced to have their computers offline for over a week because of their unwillingness or inability of pay the $3.4 billion ransom hackers are demanding.
The attack affects the LA hospital’s computer systems needed for law work, pharmaceutical orders, and, sadly, even the computers needed in the emergency room.
The hospital’s spokesperson has been unavailable to comment as of yet, butt he Hollywood Presbyterian Medial Center’s president and CEO Allen Stefanek told KNBC that the attack was “clearly not a malicious attack; it was just a random attack.”
People aren’t quite sure what that is supposed to mean, but it can be assumed that it was something to the tune of, the hackers didn’t purposefully target the hospital but instead sent out a larger net of potential attack leads and the hospital became entangled. However, some journalists doubt that targeting a hospital in a wealthy neighborhood would be the result of a random attack, especially since the hackers are asking for such a large sum of money.
Randomware has been around for over a decade, but it’s only recently that the hacking techniques have become so sophisticated. Originally it was only possible to lock down a target’s keyboard and computer, but hackers have figured out how to encrypt an infected system’s files with a private key that only the hacker knows. Anonymous hospital sources have reported that the hackers offered a “key” in exchange for the ransom money, leading observers to assume that this was the case in this incident.
According to Stefanek, patient care has yet to suffer from the attack, though some emergency patients were deferred to other hospitals nearby. Apparently the major issue has boiled down to the inconvenience of forcing hospital staff to write out documentation by hand for about a week straight. There have been a few patients that had to drive to far-away hospitals for medical tests that could only be conducted with the HPMC’s functioning network.
The demanded ransom is certainly a pretty penny, however. Symantec claims that the total amount of ransomware paid per year is usually around $5 million, so if the hospital coughs up that cash 2016 should be a record breaker. It would also likely inspire copycat attacks, which would be very detrimental to society. Hopefully the government will get involved and figure out who these hackers are.