Systems at Hollywood Presbyterian Medical Center in Los Angeles, California have been offline for more than a week now due to a ransomware attack. The hackers are asking for 9,000 BTC which is about 3.6 million USD.
Hospital president and CEO, Allen Stefanek has said that this attack is interfering with day-to-day operations. Stefanek has also made the statement that the attack was “random” and was not malicious. NBC4 reports that staff at the hospital noticed “significant IT issues and declared an internal emergency” on February 5.
The impact on day-to-day operations this has had on the hospital is very frustrating for the staff.
Since the hospital doesn’t have access to email, digital patient records, and access to internet-connected medical devices, they have resorted to using fax machines and landline telephones to communicate and pen and paper to keep records. The computers responsible for patient care, lab work, X-rays and CT scans have also been impacted. Some patients have even missed treatments.
Not only has the staff been affected, but the patients have felt the impact of this attack too. They now have to pick up results of medical tests in person instead of getting the results digitally. Jackie Mendez who cares for her 87 year old mother told NBC4 that she and her mother have to drive over an hour to get the results. “It’s bad, She’s an older person. It’s not right she has to do this.” It’s also the reason why 911 patients “that were transported by ambulance are being sporadically diverted to other hospitals”.
Softpedia speculates on how this could’ve happened saying, “There are no details about how this happened since everyone is keeping quiet, but two plausible scenarios exist.
The first is that ransomware hit the hospital’s IT network and spread to numerous computers via a local LAN server, and the total ransom for each infected computer amounts to around 9,000 Bitcoin.
The second is that hackers breached the hospital’s IT network and infected the most important computers with ransomware, asking for more money than usual after realizing the target’s potential.”
The hospital’s media-relations phone at the hospital leaves you with a recording that says “patient care has not been compromised”, according to The Atlantic.