$17,000 bitcoin ransom paid by hospital to hackers sparks outrage
The malware ransom attack on Hollywood Presbyterian Medical Center — which prompted the facility to pay a $17,000 ransom in bitcoin to the hacker who seized control of the hospital’s computer systems — is part of a larger problem that is generating outrage.
The hospital attack has prompted a California state senator to propose making it an extortion crime for a hacker to infect a computer system with so-called ransomware.
The cyberattack is made when a malware program engages as soon as a victim clicks on a compromised website. The virus then locks the victim’s computer.
The malware program tells users they can unlock their computers by making a payment through a money card service.
The assault on Hollywood Presbyterian occurred Feb. 5 when hackers using malware infected the institution’s computers, preventing hospital staff from being able to communicate from those devices, Chief Executive Allen Stefanek.
The hacker demanded 40 bitcoin, the equivalent of about $17,000, he said.
“The malware locks systems by encrypting files and demanding ransom to obtain the decryption key. The quickest and most efficient way to restore our systems and administrative functions was to pay the ransom and obtain the decryption key,” Stefanek said. “In the best interest of restoring normal operations, we did this.”
The hospital said it alerted authorities and was able to regain control of all of its computer systems by Monday, with the assistance of technology experts.
Stefanek said patient care was never compromised, nor were hospital records.
Sen. Bob Hertzberg (D-Van Nuys) introduced legislation this week that would stiffen penalties against hackers, with those convicted of ransomware schemes receiving up to four years in prison.
Top hospital officials called the Los Angeles Police Department last week, according to police Lt. John Jenal.
Laura Eimiller, an FBI spokeswoman, said the bureau has taken over the hacking investigation but declined to discuss specifics of the case. Law enforcement sources told The Times that the hospital paid the ransom before reaching out to law enforcement for assistance.
Phil Lieberman, a cybersecurity expert, said that while ransomware attacks are common, targeting a medical institution is not.
“I have never heard of this kind of attack trying to shut down a hospital. This puts lives at risk, and it is sickening to see such an act,” he said. “Health management systems are beginning to tighten their security.”
The attack forced the hospital to return to pen and paper for its record-keeping for a time.
The 434-bed short-term acute care hospital on Vermont Avenue is owned by CHC of South Korea.
For SoCal crime & investigations follow me on Twitter @lacrimes
The stories shaping California
Get up to speed with our Essential California newsletter, sent six days a week.
You may occasionally receive promotional content from the Los Angeles Times.