Hollywood Presbyterian hack signals more ransomware attacks to come
As hackers hold Hollywood Presbyterian Medical Center’s data and demand $3.4 million Bitcoin to give it back, experts say the “hostage situation” likely signals more ransomware attacks to come.
“There is no style to this attack,” said Kevin Johnson, CEO of the firm Secure Ideas. Johnson said that it was likely messaging-based, whether through a malicious link in an email or via a social network, and that, basically, an employee fell for it.
Such attacks are particularly alluring to cybercriminals, in fact, because they are reasonably easy to pull off and have a big impact.
The Hollywood Presbyterian situation is not the first ransomware attack. But in other high-profile instances, including Anonymous’ DDoS attack on Boston Children’s and the more recent hit on Flint, Michigan-based Hurley Medical Center, the attackers acted as hacktivists looking for either the release of a patient or what they called “justice” for Flint’s water crisis.
In the case of Hollywood Presbyterian, however, the cybercriminals are demanding the hospital pay a $3.4 million ransom if it wants its data back.
In the meantime, executives declared the hospital in a state of emergency and employees are reverting to paper and faxes to communicate.
“This incident really sheds light on how weak the core of many providers' internal infrastructure is,” said Elliott Frantz, CEO of Virtue Security. “It's very common for hospitals to have a large number of outdated and vulnerable systems on the network.”
What’s more, Hollywood Presbyterian might be the first time the industry is hearing about a ransomware attack demanding money, but it likely won’t be the last.
“It’s a simplistic attack that gets so much attention,” Johnson said, adding that it doesn’t require an advanced skill set to pull off. “More and more [cybercriminals] are starting to do it.”
It’s hard to tell what the effects of the Hollywood Presbyterian attack will be this early on, but it does give other facilities cause to check their security.
“There are likely hundreds of systems infected with the ransomware,” Frantz said. “For an infection to spread on this scale suggests there were larger systemic weaknesses that led to such an incident.”