A Los Angeles hospital has paid cybercriminals a Bitcoin ransom demand of 12,000 to restore access to its medical database.
The Hollywood Presbyterian Medical Center shut down its computer network on 5 February, following a ransonware cyber attack that has lasted more than a week.
Ransomware commonly refers to malware attacks that encrypt data and demand payment before the user can obtain the decryption key.
Hospital staff were locked out of online patient records and test results, forcing them to resort to pens, pads, phones and fax machines for many tasks usually handled on computers.
As soon as the hospital identified the attack, it called in investigators from the Los Angeles police department, FBI and a private cyber forensics firm.
After more than a week of working with the experts however, managers decided to pay the ransom.
"The quickest and most efficient way to restore our systems and administrative functions was to pay the ransom," said hospital president and CEO Allen Stefanek in a statement. "In the best interest of restoring normal operations, we did this."
Early reports initially claimed the criminals had demanded 9,000 bitcoins (2.6 million), but the hackers only received 40 bitcoins.
Stefanek added that there was no evidence at this time that hackers accessed any patient or employee information.
The identity of the ransomware attackers is still unknown, but some reports have suggested that the attack was random rather than specifically targeted at the hospital.
Cyber attacks such as ransomware are becoming an increasing threat to businesses and public organisations.
The malware attack against the hospital follows Kaspersky Lab's own investigations into hospitals' vulnerabilities, saying it was "scary" how easy it is to hack hospitals.
Lincolnshire County Council was also the victim of a similar malware attack last month, but the council refused to pay the demand.
-
The evolving role of the CISO and how it impacts channel partnersIndustry Insights The traditional IT sales cycle is being rewritten as CISOs emerge as the most important stakeholders for channel partners to align solutions with
-
How businesses can use storytelling to drive AI adoption among their workforceMany employees are still resisting AI tools, but narrative-led communication is more likely to get their buy-in than data and spreadsheets
-
Ransomware cartels are fragmenting into volatile splinter groups, warns Met Police cyber chiefNews Commoditized "cyber crime bazaars" and AI data mining are forcing law enforcement to rewrite its playbook
-
New ransomware threat group, The Gentlemen, has become one of the most active ransomware operators, accounting for 10% of all attacksNews NTT researchers warn that the RaaS group is leveraging SystemBC malware to establish covert tunnelling, evade detection, and support rapid lateral movement across enterprise environments
-
Instructure chose to a pay ransom following the Canvas cyber attack – research shows more than half of security leaders would follow suitAnalysis Opting to pay ransoms creates huge risks for enterprises – you’re relying on the word of criminals
-
Ransomware negotiator sentenced for role in major cyber crime groupNews Deniss Zolotarjovs was a key player in a group associated with Conti
-
Threat actors ditch ‘spray and pray’ attacks in shift to targeted exploitationNews A dip in ransomware volumes points to a more targeted approach focused on vulnerability exploitation
-
Security leaders overconfident about ransomware recovery
News Few manage to recover all their data, and many experience business disruption
-
German authorities want your help finding the hackers behind GandCrab and REvilNews Daniil Maksimovich Shchukin and Anatoly Sergeevitsch Kravchuk are believed to have made millions from ransomware as a service schemes
-
The rise of teen hackers ‘makes for a good headline’, but cyber crime activities peak later in life
News With family responsibilities and mortgages to pay, it's not teenagers dishing out malware or carrying out cyber extortion
