Computer systems at Hollywood Presbyterian Medical Center have been offline for more than a week following a ransomware attack. According to local news sources, hackers were said to have demanded $3.4m (£2.4m) to provide the codes to unlock the stolen data. The hospital has confirmed the attack took place, but has not commented on the ransom. A voicemail message at the hospital reassures patients that medical records had not been accessed by the hackers. Investigations into the source of the attack – which hospital officials said appeared to be random rather than targeted at the facility – are being conducted by the FBI, Los Angeles Police and computer forensics experts hired by the hospital. The hospital insists that day-to-day operations have not been impacted, although many tasks normally carried out on computer are now being done on paper, much to the frustration of staff. Patients are also being told they must travel to pick up medical test results in person rather than receive them electronically.
Ransomware attacks are increasingly common, and are difficult to fully protect against. Malicious software is placed on a computer – often via phishing attacks – and proceed to lock up files. Ransomware will typically try to extort money from the user quickly, saying that if the demand is not met, the files will be deleted. The most common type of ransomware is a malware package known as Cryptolocker, which experts say has infected hundreds of thousands of machines around the world.