Advertisement

Los Angeles County health department targeted in ransomware attack

Los Angeles County health department targeted in ransomware attack
A mural on the 8th floor of the pediatric wing of Los Angeles County+USC Medical Center. The county's Department of Health Services was targeted in a "ransomware" hacking attack this week. (Brian van der Brug / Los Angeles Times)

Los Angeles County Department of Health Services computers have been targeted in a "ransomware" cyberattack, officials said Friday.

Ransomware is a type of malware that takes control of computers and cuts off users' access to files or threatens to destroy them unless a ransom is paid.

Advertisement

Hollywood Presbyterian Medical Center officials said earlier this month that they had paid a $17,000 ransom in bitcoin to a hacker who seized control of the hospital's computer systems.

The attack on the Los Angeles County health department was on a smaller scale. Spokesman Michael Wilson said the agency had identified remnants of a ransomware thread on five work computers Wednesday, but that operations had not been affected.

"There has been no spread of any ransomware virus or compromise of any DHS network," he said.

The department reported the incident to the Los Angeles County district attorney's office and the county's chief information office.

Wilson said the county has not paid a ransom and will not do so. The attack was the first of its kind targeting the health services department, he said.

A spokesman for the district attorney declined to comment.

David Sommers, a spokesman for the county chief executive office, declined to say whether other county departments had been targeted with similar attacks, but said the county is aggressive in working to prevent cyberattacks.

"Since the New Year, the healthcare industry has experienced an uptick in ransomware incidents.... The county is no different but has been successful in analyzing and mitigating this threat," he said.

Clifford Neuman, director of USC's Center for Computer Systems Security, said such attacks are becoming common and are usually not targeted, but spread through viruses, links, email attachments and through fake or compromised web sites.

"Since this one affected only a few employees' systems and does not appear to have spread further, it was likely one of these non-targeted pieces of malware," he said.

Having security measures in place that prevented the affected employees from have "unconstrained access to the county's data...likely prevented this from having a more crippling effect, similar to what was seen at Hollywood Presbyterian," Neuman said.

Advertisement

Twitter: @sewella

ALSO

Advertisement
Advertisement