Ransomware is always going to present a major headache for any victim, but when a hospital is at the center of an attack, the matter suddenly appears more threatening, with the stakes potentially a whole lot higher.
Take the Hollywood Presbyterian Medical Center in Los Angeles. Its computer systems have been offline for more than a week following a ransomware attack, with hackers reportedly demanding a $3.6 million payment to restore access, CSO reported Monday.
Staff are understandably having a hard time coping, with procedures such as CT scans unable to be carried out. In some cases, patients are being ferried to nearby medical facilities for treatment.
The ongoing incident also means hospital workers are unable to gain access to important documents, patient data, and emails. Instead, staff have had to step back in time, firing up fax machines and making more use of pens and paper to keep track of work at the facility.
The hospital has confirmed the attack, and says that so far it has no evidence to suggest patients' medical records have been accessed by the hackers, the BBC reported.
The FBI and LAPD are now examining the incident, but with the ransom unpaid and the investigation ongoing, those working at the facility have been told to keep off their computers until further notice. The hospital hasn't said publicly how it's dealing with the situation, or revealed what kind of data backup systems it has in place.
It's not clear how the hospital's computer systems were infected with the ransomware, but it may have been a simple case of a member of staff clicking on a malicious link or attachment in an email. Such action would then have opened the way for the malware to automatically take over a system, locking users out until a sum of money is paid to the hackers.
It's possible cybercriminals targeted the hospital in the belief that, considering the important nature of its work, it'd be more likely to pay up. However, there's been no indication that the facility intends to do that.