A large Hollywood hospital was hit with a catastrophe straight out of its own Hollywood movie last month, when a malware attack on its internal network led to a system-wide shutdown. After a struggle to regain access to patient data, Hollywood Presbyterian Medical Center (HPMC) eventually paid their attackers a $17,000 ransom to obtain the malware’s decryption key and restore normal operations.
According to a statement released by President and CEO Allen Stefanek, HPMC first discovered the attack on February 5, after IT began investigating complaints from staff about difficulties in accessing the system. The malware had locked access to the hospital’s electronic health record (EHR) by encrypting files and preventing any outgoing communication.
As a result, HPMC systems that were responsible for CT scans, lab work, and pharmacy needs were shut down for over a week. Staff had to rely on fax machines and telephones to get by, and registrations and medical records were logged by pen and paper. Some patients were also transported to other hospitals, as law enforcement and computer experts worked to identify the attackers and recover the systems.
The hackers held the data systems hostage, demanding 40 bitcoins (or $17,000) for its release. Stefanek said he believes paying the ransom was the right course of action.
“The quickest and most efficient way to restore our systems and administrative functions was to pay the ransom and obtain the decryption key. In the best interest of restoring normal operations, we did this," he wrote in a statement on HPMC’s website.
As of February 15, HPMC had restored its electronic medical record system and cleared all systems of the malware, Stefanek wrote. “It is important to note that this incident did not affect the delivery and quality of [patient care]. Patient care has not been compromised in any way. Further, we have no evidence at this time that any patient or employee information was subject to unauthorized access.”
He also thanked the staff and computer experts for their dedicated effort, as well as the patients for their continued support.
This whole incident, while extreme, is not uncommon. Hackers caused 98% of healthcare data breaches in 2015—an 80% increase in data breach hacks since the previous year, according to the Bitglass 2016 Healthcare Breach Report. What exactly makes healthcare and medical data so appealing to cyber attackers?
Protected patient health information (PHI) has incredible value on the black market. Unlike credit card breaches, PHI breaches are not as easily discovered or terminated. Also, hackers can use the data for identity theft, leverage it to access medical care, or conduct corporate extortion. And since health information includes data that could potentially influence a person’s life—hospitals would be more inclined to pay up, fast.
“Health care data is more valuable to hackers than credit cards since more information can be gleaned from it,” Larry Whiteside, Jr, vice president of health care and critical infrastructure of a cyber security solutions firm in Denver, said during a podcast
with the Wharton School of the University of Pennsylvania. “It is the beginning of a pandemic hitting health systems in the next few years.”
Experts say immediate steps must be taken to stem this growing threat of cyber attacks on medical institutions.
“The 80 percent increase in data breach hacks in 2015 makes it clear that hackers are targeting healthcare…” Bitglass CEO Nat Kausik said in a statement
. “Healthcare organizations must embrace innovative data security technologies to meet security and compliance requirements.”