LA hospital paid hackers $17K ransom in bitcoins

A Los Angeles hospital has paid an anonymous hacker $17,000 to free itself from a cyberattack that had crippled its computer system.

The payment, made in bitcoin, an untraceable cryptocurrency, resulted in the hacker handing over the key to remove the “ransomware” planted in the computer system, Allen Stefanek, president and chief executive of Hollywood Presbyterian Medical Center, said in a letter released Wednesday.

The hacker’s devious plan was first noticed on the evening of Feb. 5 when staffers had trouble logging onto their computers, Stefanek said. As a result, staffers could not communicate with each other, although the CEO said patient care wasn’t compromised.

While it is unusual for businesses hit by hackers to pay ransoms, Stefanek reasoned it was best to do so in this case.

“The malware locks systems by encrypting files and demanding ransom to obtain the decryption key,” the hospital boss wrote in the letter. “The quickest and most efficient way to restore our systems and administrative functions was to pay the ransom and obtain the decryption key. In the best interest of restoring normal operations, we did this.”

Phil Lieberman, a cybersecurity expert, said such attacks on hospitals are rare.

“I have never heard of this kind of attack trying to shut down a hospital,” Lieberman told the LA Times. “This puts lives at risk and it is sickening to see such an act.”

HPMC immediately called law enforcement on Feb. 5, Stefanek said. It was not immediately known if the Los Angeles Police Department or the FBI agreed with the hospital's decision to pay the ransom.

The FBI has taken the lead in the probe.

Ransomware is a specific type of malware downloaded and installed onto a computer system, often during a phishing attack. Once it attaches to a computer, it starts to encrypt crucial system files — locking out the rightful owner.

The malware then tells the victim he or she needs to pay a ransom before a certain date or all the data will be erased.

During the attack, nurses and doctors used pens and paper to take down patient information. The hack appeared to be aimed at getting ransom — not stealing patient information.

“At this time, we have no evidence that any patient or employee information was the subject of unauthorized access or extraction by the attacker,” Stefanek told the local NBC station.

However, patients at the hospital for X-rays, CT scans or other procedures that needed computers were transferred to other nearby hospitals, according to one report.

There were reports earlier that HPMC had paid a ransom of $3.4 million, or 9,000 bitcoins, but Stefanek dubbed those reports false.