Ransomware takes Hollywood hospital offline, $3.6M demanded by attackers

Network has been offline fore more than a week, $3.6 million demanded as ransom
CSO | Feb 14, 2016 3:43 PM PT

The computers at Hollywood Presbyterian Medical Center have been down for more than a week as the Southern California hospital works to recover from a Ransomware attack.

According to officials HPMC, they're cooperating fully with the LAPD and FBI, as law enforcement attempts to discover the identity of the attackers.

However, in the meantime the network is offline and staff are struggling to deal with the loss of email and access to some patient data.

The hospital's President and CEO, Allen Stefanek, said the situation was declared an internal emergency, telling NBC LA that the hospital's emergency room systems have been sporadically impacted by the malware.

www.csoonline.com...

It was only a matter of time. The extent of the hold on medical services where people are being turned away is critical and the hospital has declared an internal emergency. They have resorted to using hand written notes (gasp!) But from what I'm hearing, it's easy to hack into hospitals because their systems aren't overly protected. Since this happened at UCLA hospital last year and peoples lives are on the line, I'm wondering why this isn't taken more seriously. After all, this is a form of terrorism that can hit close to home without a bomb or gunfire.

And we see once again, how completely helpless we are and the government isn't able to do a thing about this form of terrorism. This has gon on over a week and no end in sight.

I'm opting to append rather than edit so I don't violate T&C.

Here is more to the article:

Some patients were transported to other hospitals due to the incident. In other parts of the hospital, computers essential for various functions, including CT scans, documentation, lab work, and pharmacy needs are offline.

The hospital's network has been down for at least a week, forcing staff to rely on fax machines and telephones to get work done.

Registrations and medical records are being logged on paper and staff have been told to leave their systems offline until told otherwise.

Stefanek said the attack was random, but didn't expand on any of the technical details. Sources who spoke to NBC LA and Fox 11 in LA described the attack with descriptions matching a typical Ransomware infection.

It's funny, I have a laptop that has been out of order because of a similar virus. It affected many thousands of my works documents that I can't ever recover because it is way too far past a recovery date. I has the laptop sitting in a drawer until I felt like dealing with it which was this past weekend. Just a coincidence that the timing is similar to what is going on. For myself, I was stupid and didn't keep my antivirus up to date. But for a hospital, it's more than stupid. It's irresponsible and borders on criminal. If we are required to give them our personal info, pictures etc. like the hospital in my town, they are obligated to protect that information. Kind of makes HIPAA a bit of a joke.

a reply to: StoutBroux

That's pretty messed up. You have to be a real scumbag to target the sick and injured to satisfy your greed for money. What a POS. I hope they catch who's behind it and cut off their hands and feet and poke their eyes out then charge people to come laugh at the freak. Then they'll understand what it's like to be helpless while somebody else profits off your misery.

Seems there is nothing too low or too scandalous for people to try and profit from now. Makes me think of "Pharma Bro" Martin whatever increasing the price of that one drug 500%. Does the world really need people like this??? We really need an Anti-Hero who'd go around the globe quietly removing these kinds of people.

a reply to: StoutBroux

Wow, this is huge. I can't believe it's been going on for a week and this is the first I've heard of it (on ATS of all places, no other media)


I didn't even think of HIPAA either until you mentioned it OP.

This sounds absolutely disastrous. I wonder who had a bone to pick with this hospital? They won't be getting that ransom money, i can bet that though


Thanks for sharing this info OP S & F

It sounds like another iteration of Cryptowall. They probably got infected when someone there clicked on what looked like a business-related e-mail with the subject line: "Your order has shipped!" or something along those lines.

Law enforcement is going to have a tough time catching them since they made sure to cover their tracks well.

originally posted by: FamCore
a reply to: StoutBroux

Wow, this is huge. I can't believe it's been going on for a week and this is the first I've heard of it (on ATS of all places, no other media)


I didn't even think of HIPAA either until you mentioned it OP.

This sounds absolutely disastrous. I wonder who had a bone to pick with this hospital? They won't be getting that ransom money, i can bet that though


Thanks for sharing this info OP S & F

hey, there is an election year.....nothing else matters in national news, unless people die......

originally posted by: FamCore
a reply to: StoutBroux

Wow, this is huge. I can't believe it's been going on for a week and this is the first I've heard of it (on ATS of all places, no other media)


I didn't even think of HIPAA either until you mentioned it OP.

This sounds absolutely disastrous. I wonder who had a bone to pick with this hospital? They won't be getting that ransom money, i can bet that though


Thanks for sharing this info OP S & F

Yeah, I thought it was big too, surprised that today was the first I'd heard about it. They might not get the money but I guarantee you, the data is destroyed. These virus' are brutal. All the characters are changed to code and virtually unreadable.




Reply to mOjOm: couldn't agree more. But I'm implicating the facilities also. We are well into the information age and this is preventable. They are harboring personal information and aren't doing enough to protect it. It's the little people who are inconvenienced that peeves me.

originally posted by: Junkheap
It sounds like another iteration of Cryptowall. They probably got infected when someone there clicked on what looked like a business-related e-mail with the subject line: "Your order has shipped!" or something along those lines.

Law enforcement is going to have a tough time catching them since they made sure to cover their tracks well.

That's exactly what I was hacked with. Vicious. I'm pretty conservative in my viewing links but an innocent click can result in utter failure without the proper protection.

a reply to: StoutBroux

Why oh why do large corps.. and every bugger else
still slave to Microsoft???

Listen .. it's crap ..buggy and very very insecure.

Use Linux .. security guaranteed!

a reply to: StoutBroux

A virusscanner wouldn't necessary recognise the malware in hand.
That renders it useless.
In any case: I'm pretty sure the best mallware scanners are used to test detection.
And remember: the scanner is allways one step behind a well designed bit of mallware.
So I wouldn't go so far to call hospital staff incompetence or even criminals.

a reply to: rigel4

Well ... not so much.
Linux is better but in no way more secure.

Oh yeah...I nearly forgot:

These thugs are not hackers.
Hackers don't ransom.
Hackers don't want money.
Hackers have power... they do not need money.

originally posted by: Daalder
a reply to: rigel4

Well ... not so much.
Linux is better but in no way more secure.

Um.. wrong..
These ransom ware attacks couldn’t happen in Linux
it's that simple.
Why do you say that Linux is not secure.. show evidence of this claim.
I can certainly show evidence to the contrary!

1

2

3

4
Sorry about that.. double click happy ..

What ever happened to the idea of backups for thing like patient records, etc.

originally posted by: rigel4

Um.. wrong..
These ransom ware attacks couldn’t happen in Linux
it's that simple.
Why do you say that Linux is not secure.. show evidence of this claim.
I can certainly show evidence to the contrary!

A new bit of ransomware is now attacking Linux-based machines, specifically the folders associated with serving web pages. Called Linux.Encoder.1 the ransomware will encrypt your MySQL, Apache, and home/root folders. The system then asks for a single bitcoin to decrypt the files.

a reply to: rigel4
Linux is no stranger to this sort of malware:
www.zdnet.com...
(Thought zdnet was reliable source don't you?)
Article about Linux malware:en.m.wikipedia.org...

But you are surely going to say that this doesn't proof anything...

Maybey the fact that nothing digital is 100% secure will.
But that's just common sence trying to wash your brain.