Hospital staff severely impeded in their day-to-day work

Feb 14, 2016 23:05 GMT  ·  By

The Hollywood Presbyterian Medical Center, a 430+ bed hospital in the middle of Los Angeles, has been hit by a cyber-attack, and its systems are now being held hostage by hackers that are demanding a ransom.

The incident took place at the start of February but was kept quiet the hospital's staff and management, who called in local police and the FBI to help investigate the incident, along with a cyber-forensics firm.

Hackers want 9,000 Bitcoin

The hackers are requesting a 9,000 Bitcoin ransom, which is about $3.6 million (€3.2 million) in today's currency, to release the "electronic keys" to unlock computers. There are no details about how this happened since everyone is keeping quiet, but two plausible scenarios exist.

The first is that ransomware hit the hospital's IT network and spread to numerous computers via a local LAN server, and the total ransom for each infected computer amounts to around 9,000 Bitcoin.

The second is that hackers breached the hospital's IT network and infected the most important computers with ransomware, asking for more money than usual after realizing the target's potential.

Some hospital departments have been shut down

NBC Los Angeles is reporting that the hospital's IT network has been crippled and that staff is redirecting emergencies to other hospitals.

The hospital's staff is using pen and paper to record patient information, or fax to communicate with other departments, and patients need to come in person to the hospital to pick up test results since the email servers are inaccessible.

Management has also forbidden staff to turn on their computers, fearing more workstations will be affected by the incident. Because computers are crucial for some medical equipment, the hospital's Radiation and Oncology departments have been completely shut down, inside sources admitted for The Medical Quack, a blog for US healthcare news.

"At this time, we have no evidence that any patient or employee information was the subject of unauthorized access or extraction by the attacker," Allen Stefanek, the hospital's CEO, told NBC4.

UPDATE: The hospital's CEO has announced that his institution has paid the ransom and is now operating normally.