General Discussion
Related: Editorials & Other Articles, Issue Forums, Alliance Forums, Region ForumsHollywood hospital hit with ransomware: Hackers demand $3.6 million as ransom
http://www.computerworld.com/article/3032310/security/hollywood-hospital-hit-with-ransomware-hackers-demand-3-6-million-as-ransom.htmlNo matter where you work, you dont want to be told there is an internal emergency and you cant use the computers, but that is precisely the situation at a Hollywood hospital which is a ransomware victim. The attacker demanded an exorbitant 9,000 bitcoin, which is roughly 3.6 million dollars, to unlock the computers.
Hollywood Presbyterian Medical Center President and CEO Allen Stefanek admitted the hospital is suffering from significant IT issues and declared an internal emergency. He declined to confirm the 9,000 BTC ransom to NBC4, calling the attack clearly not malicious but random.
A doctor who wished to remain anonymous told NBC Los Angeles the computer system has been locked up for over a week and the staff was unable to pull up any patient records. 911 patients who were not were diverted to other emergency rooms had to register the old-school way on paper the same goes for charting patients medical records.
Hospital departments have been forced to communicate via jammed fax lines and over the phone, added the unnamed staff doctor. I was told that the hackers demanded 9,000 bitcoin be electronically sent to them, and in exchange, the hackers would send back the key codes to restore the system.
more at link
bravenak
(34,648 posts)AngryAmish
(25,704 posts)hobbit709
(41,694 posts)What kind of security did they have, if any.
Glassunion
(10,201 posts)The idiot that got in, is most likely not a singular, but plural group of people with advanced knowledge in computer systems, networking and security.
I cannot speculate on what kind of security they have.
hobbit709
(41,694 posts)and both that computer and the network security were not up to snuff.
Glassunion
(10,201 posts)hobbit709
(41,694 posts)Each case it was ID ten T error.
Glassunion
(10,201 posts)I've been there.
Most ransomware can be defeated simply with a solid security policy on the machines along with user level restrictions.
mnhtnbb
(31,404 posts)for my Master's degree in 1974-75. Then I went to work at Childrens Hospital--across the street--from HPMC.
Too funny.
It was also the place where-- one night about 8 PM as a meeting was breaking up between Childrens and HPMC personnel about a joint service---Richard Thomas told us "good night, all"
as he walked past us to leave the hospital after his wife had given birth to their son. Those who remember The Waltons--and the 'good night, John Boy'
will understand how humorous that was.
olddots
(10,237 posts)this could be a trend .
rjsquirrel
(4,762 posts)Ransomware attacks are a scourge.
Two words: offsite backup.
JesterCS
(1,827 posts)Just time intensive. ive had 2 comps and an android device get it. pain in the ass. i cant imagine a whole hospital network
cbdo2007
(9,213 posts)I'm familiar with a different, highly sensitive company that just went through one of these and all of the security experts confirmed that the hackers do not steal data, rather they just lock it so you can't access it.
Everyone should remember to back-up your stuff, off-site, at least weekly so you can just shake these things off when they happen.
MineralMan
(146,329 posts)Cash only. At some point this ransomware scourge needs to end.
steve2470
(37,457 posts)MineralMan
(146,329 posts)This ransomware stuff is originating elsewhere, I think. Worst of all, if you pay, they just try to hold you up for more. It's a pure scam. They lock up your data, but you're not going to get it back, regardless of what you do.
That hospital is going to have to start from scratch and rebuild, no matter what they do.
Network security is something that needs to be taken very, very seriously. Too many organizations aren't doing that. We'll see more of this.