CRIME Hack Attack: Hollywood hospital victim of cyber attack;records being held for $3.6m ransom

[Housecarl]

I did a site search and from what I could tell this hasn't been posted yet. If a dupe my apologies.....

For links see article source.....
Posted for fair use.....
http://www.foxla.com/news/local-news/89941411-story

Hack Attack: Hollywood hospital victim of cyber attack

By: Christine O'Donnell
Posted:Feb 12 2016 07:34PM PST
Updated:Feb 12 2016 07:34PM PST

FOX 11 - A large hospital in Hollywood has enlisted the FBI and the LAPD in it's fight against a cyber attack. Hollywood Presbyterian Medical Center says they're in the midst of an "internal emergency."

The attack began last Friday. Hospital workers say the computers have been shut down after the hackers locked patient files in exchange for a ransom.

Melissa Garza is one of hundreds of patients still being treated at the hospital.

"I wasn’t feeling very well, went in for a checkup and they said they’re computers were down. I asked, what’s going on here and they said we were hacked," Garza said.

While the hospital says patient care hasn’t been compromised, they admit the hack has impacted their day-to-day operations causing some hold ups in the Emergency Room.

That's where Jeff Wilkinson says he was waiting with his daughter for hours.

"I’m surprised they didn’t tell us this," Wilkinson said regarding the attack. "Coming in [you'd think they would say] that there might be some delay because of it, I’m at a loss for words," Wilkinson said.

This hack attack is not a usual one. FOX 11's Christine O'Donnell wanted to know why hackers would target a hospital and how easy it would be. So, she took those questions to long-time computer forensics we took those questions to a computer forensics expert

Eric Robi has worked in computer forensics for 13 years.

"I don’t know why they chose a hospital specifically." Robi said. "Maybe they're thinking it’s a greater sense of urgency because it’s a hospital and the’ll get payed," Robi said.

Robi says he's worked half a dozen cyber attacks against LA businesses in the past year, but the ransom was no where near as high as it is at the Medical Center.

"The hackers have demanded, I think 9,000 bitcoin or so that’s a little over $3 Million," Robi said. It's an unfortunate hack, a ransomware hack where they're asking for money in exchange for unlocking records at the hospital," Robi said.

He says most of the time it's cheaper to pay the ransom than to pay to fix the problem.

"They're horrible, I know," Robi said.

 

[Housecarl]

For links see article source.....
Posted for fair use.....
http://www.computerworld.com/articl...are-hackers-demand-3-6-million-as-ransom.html

Security Is Sexy
By Darlene Storm
News Analysis

Hollywood hospital hit with ransomware: Hackers demand $3.6 million as ransom

Ransomware has locked up a Hollywood hospital’s computers for over a week as hackers demand $3.6 million in ransom.

Computerworld | Feb 15, 2016 6:39 AM PT

No matter where you work, you don’t want to be told there is an “internal emergency” and you can’t use the computers, but that is precisely the situation at a Hollywood hospital which is a ransomware victim. The attacker demanded an exorbitant 9,000 bitcoin, which is roughly 3.6 million dollars, to unlock the computers.

Hollywood Presbyterian Medical Center President and CEO Allen Stefanek admitted the hospital is suffering from “significant IT issues and declared an internal emergency.” He declined to confirm the 9,000 BTC ransom to NBC4, calling the attack “clearly not malicious” but “random.”

A doctor who wished to remain anonymous told NBC Los Angeles the computer system has been locked up for over a week and the staff was “unable to pull up any patient records.” 911 patients who were not were diverted to other emergency rooms had to register the old-school way – on paper – the same goes for charting patients’ medical records.

Hospital departments have been forced to communicate via “jammed fax lines” and over the phone, added the unnamed staff doctor. “I was told that the hackers demanded 9,000 bitcoin be electronically sent to them, and in exchange, the hackers would send back the key codes to restore the system.”

Although Stefanek claimed the hospital has been “sporadically impacted” for over a week, one hospital tech said Radiation Oncology has been forbidden to turn on its computers and cannot treat patients.

A “full computer shutdown” means the staff can forget about using email and patients can forget about picking up x-rays, CT scans, lab work or other digital records on site; one frustrated woman told NBC the hospital told her it “was hacked,” while other patients are given no explanation as to the long delays in receiving care. The inability to access patient records was dubbed a “very dangerous” situation.

“Patient privacy has not been compromised,” added Stefanek. “At this time we have no evidence that any patient or employee information was subject to unauthorized access or extraction by the attacker.”

The type of ransomware has not been reported as law enforcement works to trace the attacker. Besides the FBI, the LAPD and a cyber forensic team are also investigating the ransomware attack.

Computer forensic expert Eric Robi told Fox 11 that he didn’t know why a hospital was targeted, but the attackers might think “it’s a greater sense of urgency because it’s a hospital and they’ll get payed.”

After analyzing cybersecurity and online privacy trends, the Online Trust Alliance (OTA) reported that cybercriminals are cherry-picking ransomware victims such as businesses with valuable data. Ransom demands are changing from “opportunistic extortion to being market-based;” OTA Executive Director Craig Spiezle explained, “Much like surge pricing for taxis, cybercriminals now target and calculate their ransomware pricing based on company size, market value and much more.”

Most security professionals predict ransomware attacks will only continue to increase. While you frequently hear not to pay extortion, Robi suggested “most of the time it’s cheaper to pay the ransom than to pay to fix the problem.”

 

[Millwright]

Cedars Sinai ?

 

[Housecarl]

Cedars Sinai ?

Hollywood Presbyterian Medical Center

 

[packyderms_wife]

It was only a matter of time before this happened, hope they find the creeps that did this and soon.

 

[Housecarl]

It was only a matter of time before this happened, hope they find the creeps that did this and soon.

Yeah, just gives me the willies considering the Feds push to digitize medical records.

 

[bw]

By: Christine O'Donnell ... in it's fight ... causing some hold ups ... the’ll get payed

Christine needs some remedial English work.

 

[Bardou]

Next thing they will do is hold wealthy patients records (Hollywood types - actors and actresses) for ransom. Either pay a ransom or we release them to the public. These are worthless scum bags. If and when they ever find them, just kill them right on the spot.

 

[Housecarl]

Next thing they will do is hold wealthy patients records (Hollywood types - actors and actresses) for ransom. Either pay a ransom or we release them to the public. These are worthless scum bags. If and when they ever find them, just kill them right on the spot.

No, old school scourging and crucifixion.

 

[Bardou]

Christine needs some remedial English work.

At least a spell checker. "it's and its" is a common error that I see all the time. "the'll (they'll) must be a typo, dunno. Doctors and engineers are the worse spellers I've ever met.

 

[Bensam]

Damn right and may it be by a very painful methodology.......

Next thing they will do is hold wealthy patients records (Hollywood types - actors and actresses) for ransom. Either pay a ransom or we release them to the public. These are worthless scum bags. If and when they ever find them, just kill them right on the spot.

 

[hiwall]

How long until they shut off electric power and demand a big ransom?

 

[Housecarl]

How long until they shut off electric power and demand a big ransom?

In the US, probably a lot sooner than anyone wants to think about.

 

[gonewacky]

What a hoot! Let the games began. It’s first and ten on the twenty.

Joe

 

[packyderms_wife]

Yeah, just gives me the willies considering the Feds push to digitize medical records.

I had a feeling this would be happening and soon.

Last summer there was an article posted here about medical devices and how easy it is to hack them. I figured it wouldn't take much to get into the hospitals main system through something as mundane as an IV pump. Devices such as copiers, etc., are really easy to hack, as I proved to a local dentist office when they told me they didn't have wifi for public access.

Well it turns out their copier was wifi and I managed to access their system through the copier, one click on the wifi hotspot link and poof you could see everything. I then asked the head receptionist/office manager if she was sure the public couldn't access their wifi and she insisted "no" and then I showed her my tablet, and explained all I did was do a search for a hot spot and poof. She about crapped her pants, she then proceeded to give their IT guy an ass chewing of a life time.

Mind you when it comes to electronics, etc., I'm your typical village idiot, so if I could get into their system by simply clicking on a link for a hot spot (wifi) can you imagine the damage someone who has evil intentions could do??? And there are MILLIONS of these devices/places around the US all sitting there easily hacked. Oh and yes I did shut down the hot spot, it's not in my nature to hack someone, but I did think she really needed to know that they did indeed have an unsecured wifi hot spot.

 

[jenzie]

these are so pathetic
all they do is insert a bit of code BEFORE the boot-up sequence and doesn't encrypt anything
a MASSIVE CON

 

[Housecarl]

For links see article source.....
Posted for fair use.....
http://www.defenseone.com/threats/2...os-angeles-hospital/125991/?oref=d-channeltop

A Cyberattack Has Paralyzed a Los Angeles Hospital

11:14 AM ET By Kaveh Waddell The Atlantic

Doctors have been locked out of patient records for more than a week by hackers who are demanding money to release the data.
Cyber / Homeland

A hospital in Los Angeles has been operating without access to email or electronic health records for more than a week, after hackers took over its computer systems and demanded millions of dollars in ransom to return it.

The hackers that broke into the Hollywood Presbyterian Medical Center’s servers are asking for $3.6 million in Bitcoin, a local Fox News affiliate reported. Hospital staff are working with investigators from the Los Angeles Police Department and the FBI to find the intruders’ identities.

Meanwhile, without access to the hospital’s computer systems, doctors and nurses are communicating by fax or in person, according to an NBC affiliate. Medical records that show patients’ treatment history are inaccessible, and the results of X-rays, CT scans, and other medical tests can’t easily be shared. New records and patient-registration information are being recorded on paper, and some patients have been transferred to other hospitals.

A recording on a media-relations phone line at the hospital said that “patient care has not been compromised” after the cyberattack, but a spokesperson was unavailable for further comment.

The fact that hackers were able to encrypt patient records doesn’t necessarily mean they gained access to those files, but the goal of this type of cyberattack isn’t to get to patient information; it’s to make sure that the hospital can’t get to it, either. Viruses and malware that take over a server or a computer and demand money to return it are known as ransomware. The tactic has spread in popularity in recent years, as hackers take advantage of the increase in networked devices, gadgets, and servers.

Alan Stefanek, the CEO and president of Hollywood Presbyterian, told NBC reporters that the cyberattack on his hospital was “random” and not malicious. If that’s the case, then it’s possible someone at the facility clicked on an infected link in an email or a pop-up ad and introduced a virus onto the hospital network.

When a ransom-seeking virus infects a computer or server, it starts by encrypting the contents of the device. Using publicly available encryption methods, an attacker can lock up the contents of a device so effectively that even the FBI has given up on decryption efforts in the past. The attacker then offers the key to the victim’s now-encrypted files back to the user—for a price. The average ransom demand is just $300, but if a hacker knows they’ve bested a wealthy organization desperate for its data back, they’re likely to dream much bigger.

If the hospital chooses to pay the ransom, or negotiate terms for the release of its data, it will not be the first health-and-safety organization to do so. When a number of small police departments in Massachusetts, Tennessee, and New Hampshire were hit with separate ransomware attacks, all three paid between $500 and $750 to get their data back.

Those departments paid because the data they’d lost was essential, and federal law-enforcement attempts to defeat the ransomware were unsuccessful. Hollywood Presbyterian patient-record history and email archives are likely just as indispensable, but the reported seven-digit asking price dwarfs the $500 hackers got from the police departments.

While it’s unlikely that the facility will pay millions of dollars to restore its databases and systems, it’s in desperate straits without a backup of its patient files. Unless law enforcement can break the encryption keeping the data hostage, the hospital may be forced to start from scratch.

 

[Dennis Olson]

Keywords:

WITHOUT A BACKUP


Would you want to be treated at a hospital which was so poorly run that its IT department was completely incompetent?


Me neither....

 

[packyderms_wife]

Keywords:

WITHOUT A BACKUP


Would you want to be treated at a hospital which was so poorly run that its IT department was completely incompetent?


Me neither....

It's definitely concerning, and it's not just hospitals it's also clinics, dental offices, etc. There have been repeated news stories about the hackability of medical devices, copiers, etc., that allow these creeps in the back door, thus allowing them to take an entire system hostage, and yet most IT services at the majority of these places are totally clueless about these back doors. And don't forget the idiot employees that don't want to have to use a password to use the copier either, they are also apart of the problem.

 

[ainitfunny]

I wonder how many others, LIKE ME, misread the title to mean that it was a report of an INDIVIDUAL hospital patient who had his medical records hacked, and passed over reading this thread?

Somehow today, I read the title and just realized that the story was about a WhOLE HOSPITAL that was hacked and everyone's medical record held hostage!!

Maybe a title rewording is advisable?

 

[packyderms_wife]

I wonder how many others, LIKE ME, misread the title to mean that it was a report of an INDIVIDUAL hospital patient who had his medical records hacked, and passed over reading this thread?

Somehow today, I read the title and just realized that the story was about a WhOLE HOSPITAL that was hacked and everyone's medical record held hostage!!

Maybe a title rewording is advisable?

It's on the CBS Evening news right now, it's definitely a black eye for this hospital.

 

[Dennis Olson]

And maybe you need better glasses...?

 

[mzkitty]

24m
Los Angeles hospital paid ransom in bitcoin equivalent to about $17,000 to hackers, CEO says - AP

February 17, 2016 5:10 PM

LOS ANGELES (AP) — The chief executive of a Los Angeles hospital says it paid a ransom in bitcoins equivalent to about $17,000 to hackers who infiltrated and disabled its computer network.

Hollywood Presbyterian Medical Center CEO Allen Stefanek said in a statement Wednesday that paying the ransom of 40 bitcoins was “the quickest and most efficient way to restore our systems and administrative functions.” He says the hospital did it in the interest of restoring normal operations.

Stefanek says the hospital first noticed the malware in its computer system on Feb. 5, and normal operations were restored on Monday, 10 days later.

He said patient care was not affected, and there’s no evidence patient data was compromised.

FBI spokeswoman Laura Eimiller says the agency is investigating the extortion plot, often called “ransomware,” but she couldn’t immediately provide further details.

http://losangeles.cbslocal.com/2016...of-its-computer-network/#.VsUaL_n4iMI.twitter

 

[Voortrekker]

At least a spell checker. "it's and its" is a common error that I see all the time. "the'll (they'll) must be a typo, dunno. Doctors and engineers are the worse spellers I've ever met.

...and it's paid, not payed. Laid, not layed. Too common as with can not for cannot. Drives me crazy, all that (public) schooling and they learned nothing...

 

[steve graham]

24m
Los Angeles hospital paid ransom in bitcoin equivalent to about $17,000 to hackers, CEO says - AP

February 17, 2016 5:10 PM

LOS ANGELES (AP) — The chief executive of a Los Angeles hospital says it paid a ransom in bitcoins equivalent to about $17,000 to hackers who infiltrated and disabled its computer network.

Hollywood Presbyterian Medical Center CEO Allen Stefanek said in a statement Wednesday that paying the ransom of 40 bitcoins was “the quickest and most efficient way to restore our systems and administrative functions.” He says the hospital did it in the interest of restoring normal operations.

Stefanek says the hospital first noticed the malware in its computer system on Feb. 5, and normal operations were restored on Monday, 10 days later.

He said patient care was not affected, and there’s no evidence patient data was compromised.

FBI spokeswoman Laura Eimiller says the agency is investigating the extortion plot, often called “ransomware,” but she couldn’t immediately provide further details.

http://losangeles.cbslocal.com/2016...of-its-computer-network/#.VsUaL_n4iMI.twitter

Omg!

 

[Michiana MaJo]

I think it's just you, Anit.

 

[mzkitty]

Omg!

True, but at least they got them down from 3+ million.

So I just wonder how many more times this will happen now.

 

[hiwall]

True, but at least they got them down from 3+ million.

So I just wonder how many more times this will happen now.

I wonder if they did get them down or if they actually paid much more than the $17,000 but don't want to say and encourage other hackers with the big payoff?