Wednesday, March 30, 2016

Ransomware attacks on the rise

PARCA eNews – Feb. 17, 2016 – Hollywood Presbyterian Medical Center (“HPMC”) announced in a letter that it had paid hackers $17,000 to end a malware attack on the hospital’s computer systems.

The hospital’s network was crippled by an attack that locked access to the medical center’s electronic medical record (“EMR”) system. For more than a week, clinicians had been unable to access patients' electronic health records and staff had not been able to communicate by email. Computers necessary for CT scans, pharmacy needs, lab work and documentation were also offline.

CEO Allen Stefanek of Hollywood Presbyterian Medical Center (HPMC) announced that it paid the hackers who had disabled HPMC’s IT network a ransom of about $17,000 to restore operations. Hospital officials said the attack seemed to be random, rather than a deliberate attack targeting HPMC. The malware that affected HPMC encrypted thousands of files on the network and even destroyed backups.

On Feb. 26, EvergreenHealth a community hospital in Kirkland, Wash. also was hit with ransomware. However, the ransomware did not cripple EvergreenHealth’s systems as it did those at HPMC. EvergreenHealth security controls helped minimize the impact of the attack. The malware encrypted only files on certain users’ C: drives and H: drives. The IT department was able to re-image the affected workstations and restore encrypted files from tape backups.

The EvergreenHealth attacks are believed to have been launched either when a user opened a Word or Excel file attached to a legitimate-looking email – or when a user visited a web page that launched the malware.

No comments:

Post a Comment