Los Angeles County Department of Health Services computers have been targeted in a “ransomware” cyberattack, officials said Friday.
Ransomware is a type of malware that takes control of computers and cuts off users’ access to files or threatens to destroy them unless a ransom is paid.
Hollywood Presbyterian Medical Center officials said earlier this month that they had paid a $17,000 ransom in bitcoin to a hacker who seized control of the hospital’s computer systems.
The attack on the Los Angeles County health department was on a smaller scale. Spokesman Michael Wilson said the agency had identified remnants of a ransomware thread on five work computers Wednesday, but that operations had not been affected.
The department reported the incident to the Los Angeles County district attorney’s office and the county’s chief information office.
Wilson said the county has not paid a ransom and will not do so. The attack was the first of its kind targeting the health services department, he said.
A spokesman for the district attorney declined to comment.
David Sommers, a spokesman for the county chief executive office, declined to say whether other county departments had been targeted with similar attacks, but said the county is aggressive in working to prevent cyberattacks.
Clifford Neuman, director of USC’s Center for Computer Systems Security, said such attacks are becoming common and are usually not targeted, but spread through viruses, links, email attachments and through fake or compromised web sites.
“Since this one affected only a few employees’ systems and does not appear to have spread further, it was likely one of these non-targeted pieces of malware,” he said.
Having security measures in place that prevented the affected employees from have “unconstrained access to the county’s data...likely prevented this from having a more crippling effect, similar to what was seen at Hollywood Presbyterian,” Neuman said.