PARCA
eNews – Feb. 17, 2016 – Hollywood Presbyterian Medical Center (“HPMC”) announced
in a letter that it had paid hackers
$17,000 to end a malware attack on the hospital’s computer systems.
The
hospital’s network was crippled by an attack that locked access to the medical
center’s electronic medical record (“EMR”) system. For more than a week,
clinicians had been unable to access patients' electronic health records and
staff had not been able to communicate by email. Computers necessary for CT
scans, pharmacy needs, lab work and documentation were also offline.
CEO
Allen Stefanek of Hollywood Presbyterian Medical Center (HPMC) announced that
it paid the hackers who had disabled HPMC’s IT network a ransom of about
$17,000 to restore operations. Hospital officials said the attack seemed to be
random, rather than a deliberate attack targeting HPMC. The malware that
affected HPMC encrypted thousands of files on the network and even destroyed
backups.
On Feb. 26, EvergreenHealth a community hospital in
Kirkland, Wash. also was hit with ransomware. However, the ransomware did not
cripple EvergreenHealth’s systems as it did those at HPMC. EvergreenHealth
security controls helped minimize the impact of the attack. The malware
encrypted only files on certain users’ C: drives and H: drives. The IT
department was able to re-image the affected workstations and restore encrypted
files from tape backups.
The EvergreenHealth
attacks are believed to have been launched either when a user opened a Word or
Excel file attached to a legitimate-looking email – or when a user visited a
web page that launched the malware.
No comments:
Post a Comment