Hospital pays 40 bitcoin ransom to unlock computers

The Hollywood Presbyterian Medical Center, which has had its computer systems held ransom by malware since February 5, has paid 40 bitcoins to have their systems restored. Initial reports claimed that a hacker was seeking 9,000 bitcoins, or about $3.5 million, to remove the ransomware, but a new report claims the hospital has paid the equivalent of about $17,000 USD in digital currency.

The hospital ultimately decided to pay the ransom in order to get its computers back online — likely it was losing considerably more money having to turn away new patients than what it ultimately ended up paying out. Still, the incident highlights a serious security issue not enough companies are addressing. Hospital departments had been forced to use fax machines and other outdated means of operation, according to reports from insiders, and it wasn't able to access patient files.

Hospital CEO Allen Stefanak said in a statement:

The malware locks systems by encrypting files and demanding ransom to obtain the decryption key. The quickest and most efficient way to restore our systems and administrative functions was to pay the ransom and obtain the decryption key. In the best in interest of restoring normal operations, we did this.

The hospital had tapped law enforcement and the FBI, which has been and continues to investigate the matter. With the aid of experts — and by paying a smaller version of the ransom — the system was restored this past Monday, and patient data remains safe.

The FBI has stated through a spokesperson that it is taking lead on the investigation, which had originally included the Los Angeles Police Department.

Ransomware is a type of malware that locks a computer, requiring the victim to pay an often hefty fee, sometimes in the thousands, to get it unlocked. Those who fail to pay are left with few choices. While the malware is common — and sometimes designed to impersonate government agencies to scare victims into paying — such a large scale ransomware cyberattack is far more unusual.

It isn't clear whether the hackers did indeed originally demand 9,000 bitcoins, or if original reports — which cited unnamed sources — were incorrect. If that figure was initially demanded, it would appear the amount was negotiated down. While Stefanak had originally confirmed the hack, he hadn't gone into any fine details, leaving it to an anonymous doctor and others who reportedly work within the hospital.

The FBI has not revealed any possible source of the cyberattack.

SOURCE: LA Times