Hospital explains decision to pay ransom to hackers

Daily News Article - February 19, 2016


1. How did Hollywood Presbyterian Medical Center respond to ransom demands from hackers?

2. Why did the hospital respond in this way, according to hospital CEO Allen Stefanek?

3. How did the hackers hold the hospital’s computer network hostage?

4. a) What are bitcoins?
b) What is ransomware?

5. How can companies protect their computer systems from ransomware?

6. What information about the case was the reporter unable to ascertain?

7. Consider the following from Computerworld:

This Hollywood hospital didn’t backup its data?

…it appears the hospital failed with its disaster-recovery (DR). Looks like it either didn’t have backups, or the restore failed.

Oopsy daisy, hashtag-fail, oh noes, etcetera. In IT Blogwatch, bloggers see a lesson for all of us: Backups aren’t backups unless you can restore them!

And from Newsweek:

A Los Angeles hospital’s decision to pay a $17,000 ransom to hackers could lead to a proliferation of cyber attacks on critical infrastructure, experts tell Newsweek.

Experts say that succumbing to the hackers’ demands, could make further attacks more likely.

“I think whenever a ransom demand is shown to work for the bad guys—meaning victims pay up—it is an incentive for criminals,” independent cybersecurity expert Graham Cluley tells Newsweek.

“Paying up is definitely not a good thing to do in my opinion. But if an organization has failed to keep properly secured backups I can understand how they might feel they have no alternative.”

Dan Wiley, head of incident response and threat intelligence at the security firm Check Point, believes that attacks like the one against HPMC are likely to increase in scope as they are relatively simple to perform and the payoff was quite high.

All experts agree more needs to be done to prevent such attacks from taking place in the first place. One way of protecting against these types of ransom demands is to make sure data is securely backed up, otherwise they risk facing a “business ending event”. Adam Kujawa, head of malware intelligence at Malwarebytes, tells Newsweek that each successful attack leads to more dangerous versions of malware to be developed.

“Can we point the finger at Hollywood Presbyterian for making the problem worse? Well at least they did it for the sake of being able to help sick people by getting their operations back online,” Kujawa says.

“The truth is, companies and users have been paying off criminals using this kind of threat for years and this is just another example of the bad guys winning because the victims failed to take action before it was too late.”

What do you think: should the hospital have paid the ransom? Explain your answer.