2016 Has Arrived – the First of Many Shoes to be dropped unfortunately. My apologies for the sensationalist story…
Wired magazine Story¹
Los Angeles Hospital Presbytarian Medical center computers have not worked for a week – being ransomed for $3.4Mil in bitcoin and “only then” will get back in business.
Even now the CEO Allen Stefanek told KNBC “Clearly not a malicious attack; just random”. So it is obvious that the CxOs are still confused about Cybersecurity.
Here is the KNBC video shot :
http://www.nbclosangeles.com/news/local/Hollywood-Hospital-Victim-of-Cyber-Attack-368574071.html
“patient care is not being compromised” says CEO
Hmm ‘patient care is not affected’ – that can’t be true. there is a delay when patients need care.
the last bit on the news was “Hospital has hired a Cyber forensics team to get to the bottom of it”.
Great the only time money is spent for sure is during and after the breach.
The FBI is also investigating.
On the CEO’s LinkedIn page² there are all sorts of credentials and Responsibilities including maintaining financial health and stability – promoting healthcare and patient experience/satisfaction.
Well, I guess that went awry for a week at least.
I realize this is a bit sensational and in fact I don’t like to do this often, but I have been keeping my eyes open for a major Cyber Attack that was slightly different than before.
Another video³ on KNBC has confirmed that “911” i.e. emergency room patients are being diverted to other hospitals.
Another good quote: “Radiation Oncology is not allowed to turn on their computers”
Remember that copycats will try and reproduce this attack that is the only reason I am “Shouting from the rooftop”.
All CEO’s in Healthcare institutions need to review their backup and restore procedures. Their Cybersecurity systems and what they are doing to protect patient data as well as other data and general well being of their computers.
All it takes is to get ransomware and for it to proliferate for you to jump in the news cycle on local news.
If it is really $3.4mil that is being ransomed and each computer is $500 ransom then there must be 6800 computers that were infected at the hospital.
If you are in a position to talk to a CxO then there is no time to lose:
remember do not pay the ransoms – have backups available – get your IT house in order – make it happen otherwise circumstances will push themselves on to you.
Test your backups, because if you DO NOT TEST it is not a backup. Must test restore at least once.
Contact Us to discuss.
This is one of those cases where, if you can identify the perpetrators, I don’t care what steps are taken to bring them into the country for trial.
Yes David, that would be great… but attribution is very hard to do. Unless the criminal actually leaves some kind of bread crumbs.
Definitely some good forensic work needs to be done and bring FBI/Interpol into the equation.