eugenesergeev - Fotolia

News Stay informed about the latest enterprise technology news and product updates.

Ransomware attack causes internal emergency at Hollywood hospital

The FBI, along with the LAPD, began investigating a ransomware attack at a Hollywood hospital that has crippled the facility's operations and could cost millions.

The Hollywood Presbyterian Medical Center was hit by a ransomware attack that has caused untold damage for the facility and its patients. The FBI and Los Angeles Police Department have been called in to investigate.

The attack reportedly shut down the Hollywood hospital's computer system on Feb. 5. Hospital President and CEO Allen Stefanek told NBC Los Angeles the staff began noticing "significant IT issues and declared an internal emergency."

Although Stefanek claimed patient care was not affected by the ransomware attack, he admitted patients have been diverted to other hospitals. Additionally, an unnamed doctor at the hospital said the computers affected were essential for documenting patient care and the transmission of lab work, X-rays and CT scans. The attack left stored medical records for past patients inaccessible, and some outpatients did not receive treatment as a result of the attack.

Several staff members at the Hollywood hospital have confirmed the ransomware attack, and claimed the hackers are asking for 9,000 bitcoins -- approximately $3.6 million at current exchange rates -- in exchange for the encryption keys to restore the system. It is unknown what variant of ransomware was used.

Stefanek claimed the attack was random and was not malicious, and the FBI and LAPD have begun investigating. It is still unknown if any personally identifiable information or other sensitive patient data was stolen in the attack.

It is also unclear what kind of data backups were being used by the Hollywood hospital. Many experts agreed using encrypted, cloud-based storage to back up sensitive data can significantly mitigate the risks of ransomware attacks. Beyond that, experts often suggest enterprises be more vigilant in educating employees about potential risks, because many bigger issues begin with smaller attacks, such as phishing.

Tim Erlin, director of IT security and risk strategy for Tripwire Inc., based in Portland, Ore., agreed this was likely the case.

"The attack was random in the sense that the attackers were not specifically targeting this hospital," Erlin said. "A targeted attack includes specific tactics and objectives that pertain to an organization or individual. Ransomware is not a new tool for attackers. Its objective is to encrypt valuable data, and then require a ransom for the decryption key. This type of attack works for any organization that has sensitive data -- from hospitals and police stations to the average consumer."

"We're talking about cybersafety, not just cybersecurity. The average consumer may not realize how vitally important effective electronic communication is for a hospital. Disruption of that communication slows treatment and creates real risk to human life," Erlin said. "An attacker can significantly impact a hospital's ability to deliver care without directly attacking medical devices themselves. Hospitals should include these kinds of cyberattacks in their disaster recovery plans."

Next Steps

Learn how to avoid being affected by ransomware.

Learn the difference between extortionware and ransomware.

What can your organization can learn from the Community Health Systems breach?

Dig Deeper on Malware, virus, Trojan and spyware protection and removal