Breaking News: Hollywood Presbyterian Medical Center Hit with Ransomware, Hackers Demand $3.6M Ransom | Healthcare Informatics Magazine | Health IT | Information Technology Skip to content Skip to navigation

Breaking News: Hollywood Presbyterian Medical Center Hit with Ransomware, Hackers Demand $3.6M Ransom

February 16, 2016
by Heather Landi
| Reprints
Click To View Gallery

The computer system at Hollywood Presbyterian Medical Center, based in Los Angeles, Calif., has been down for more than a week following a ransomware attack and hackers are demanding $3.6 million to restore the system, according to local news sources.

According to a news report from a local NBC station (NBC4), Hollywood Presbyterian Medical Center president and CEO Allen Stefanek said hospital staff noticed “significant IT issues and declared an internal emergency” Feb. 5. He also said the attack was random, not malicious, and that the hospital’s emergency room has been sporadically impacted since the attack. The outage is due to ransomware that ended up on the hospital’s internal network.

"At this time, we have no evidence that any patient or employee information was the subject of unauthorized access or extraction by the attacker," Stefanek reported to NBC4.

The Los Angeles Police Department and the Federal Bureau of Investigation (FBI) have launched an investigation into the cyber attack.

“A doctor who did not want to be identified said the system was hacked and was being held for ransom. The unnamed doctor said that departments are communicating by jammed fax lines because they have no email and that medical office staff does not have access to email,” the NBC news report stated.

Hospital staff have reported that they cannot pull up electronic patient medical records and are registering patients on paper and they also stated that some patients have been diverted to other hospitals because of the outage, NBC4 reported.

CSO, a publication that covers security and risk management, has reported that hackers are demanding ransom of 9,000 Bitcoin, equivalent to about $3.6 million.

“Based on the information available, it seems like the hospital got hit with a ransomware type of malware, which typically encrypts the data on the computer, or multiple computers, and then requests some kind of payment in order to provide the decryption key so users can access that data,” says Tim Erlin, director of IT security and risk strategy at Tripwire, a software vendor that provides information technolgoy and network security solutions.

“In the IT security industry, we talk a lot about medical device security and it’s noteworthy that this attack that effectively crippled a hospital from delivering patient care effectively did not actually involve the security of medical devices, as far as we know,” he notes. “An attacker can significantly impact a hospital’s ability to deliver care without directly attacking medical devices themselves.”

Erlin advises that hospitals and health systems address these kinds of cyber attacks both from a prevention and a disaster response standpoint.

“Most of it comes down to basic security best practices. Malware may be very sophisticated, but the messages that attackers use to put that malware on a system are not sophisticated, as it usually involves a misconfigured system, a published vulnerability that has been attacked or a human being that has made some sort of mistake,” he says.

As with many other cyber attacks targeting the healthcare industry, there are lessons to be learned.

“Hospitals should take the time to review the configurations of their systems to make sure that they are secure and don’t contain misconfiguration, and they should scan their network for vulnerabilities and have a plan to patch those vulnerabilities. They also need train their staff in how to recognize phishing scams or malicious emails that might lead to an infection,” he says.

Erlin also says hospitals should include these kinds of cyber attacks in their disaster recovery plans. “Systems may be taken off line maliciously, or by other circumstances. It’s important to have procedures in place to protect patients in either case,” he says.

He continues, “The most significant lesson from this incident at this point is that hospitals rely on some of the basic IT systems for effective patient care. And while this malware may not have directly infected a medical device, a CT machine or a MRI, the inability for hospital staff to communicate effectively, to access patient records, does directly affect patient care. So in order to respond to these incidents a hospital needs to build a response plan and a disaster recovery plan to treat this loss of IT assets as a kind of disaster from which they need to recover, and during which time they need to be able to operate effectively. So they should have backup plans for how to communicate and how to access patient records when systems are unavailable.”

In the event that this type of cyber attack does occur, hospitals and health system can mitigate the situation by having a backup that is not connected to the internal network. “Another option is to have devices that can connect to patient records off site, at another hospital or in a centralized system. It depends on the architecture of the system, to a certain extent, but hospitals should consider this – if that computer that’s sitting at the front desk or at the nurses’ station is inaccessible for some reason, then there should be another way to access the information they need to deliver patient care,” Erlin notes.








Former Michigan Governor to Serve as Chair of DRIVE Health

Former Michigan Governor John Engler will serve as chair of the DRIVE Health Initiative, a campaign aimed at accelerating the U.S. health system's transition to value-based care.

NJ Medical Group Launches Statewide HIE, OneHealth New Jersey

The Medical Society of New Jersey (MSNJ) recently launched OneHealth New Jersey, a statewide health information exchange (HIE) that is now live.

Survey: 70% of Providers Using Off-Premises Computing for Some Applications

A survey conducted by KLAS Research found that 70 percent of healthcare organizations have moved at least some applications or IT infrastructure off-premises.

AMIA Warns of Tax Bill’s Impact on Graduate School Programs in Informatics

Provisions in the Republican tax bill that would count graduate student tuition waivers as taxable income would have detrimental impacts on the viability of fields such as informatics, according to the American Medical Informatics Association.

Appalachia Project to Study Relationship Between Increased Broadband Access, Improved Cancer Care

The Federal Communications Commission and the National Cancer Institute have joined forces to focus on how increasing broadband access and adoption in rural areas can improve the lives of rural cancer patients.

Survey: By 2019, 60% of Medicare Revenues will be Tied to Risk

Medical groups and health systems that are members of AMGA (the American Medical Group Association) expect that nearly 60 percent of their revenues from Medicare will be from risk-based products by 2019, according to the results from a recent survey.