Los Angeles Hospital Pays Ransom in Bitcoins to Network Hackers

Los Angeles Hospital Pays Ransom in Bitcoins to Network Hackers
In this July 22, 2003, file photo, nurses evacuate a patient after a fire broke out on the third floor of the 434-bed the formerly named Queen of Angels-Hollywood Presbyterian Medical Center, with visibly blackened windows, in the Hollywood section of Los Angeles. The FBI says Wednesday, Feb. 17, 2016, it is investigating a computer network extortion plot at the Los Angeles hospital. In the attacks known as "ransomware," hackers lock up an institution's computer network and demand payment to reopen them. FBI spokeswoman Laura Eimiller said Wednesday that the agency is investigating such a plot at the Hollywood Presbyterian Medical Center. AP Photo/Nick Ut, File
The Associated Press
Updated:

LOS ANGELES—A large Los Angeles hospital chose to pay hackers who were holding its computer network hostage, a move its CEO said was in its best interest and the most efficient way to end the problem.

Hollywood Presbyterian Medical Center showed uncommon transparency in saying Wednesday that it paid the 40 bitcoins — or about $17,000 — demanded when it fell victim to what’s commonly called “ransomware.”

The hacking tactic is growing fast against both individuals and institutions, but it’s difficult to say exactly how fast, and even tougher to say how many pay up.

“Unfortunately, a lot of companies don’t tell anybody if they had fallen victim to ransomware and especially if they have paid the criminals,” said Adam Kujawa, Head of Malware Intelligence for Malwarebytes, a San Jose-based company that recently released anti-ransomware software. “I know from the experiences I hear about from various industry professionals that it’s a pretty common practice to just hand over the cash.”

Computer security experts normally recommend people not pay the ransom, though at times law enforcement agencies suggest they do, Kujawa said.

The FBI said it is investigating the ransomware attack, but have provided no details beyond that.

During 2013, the number of attacks each month rose from 100,000 in January to 600,000 in December, according to a 2014 report by Symantec, the maker of antivirus software.

A report from Intel Corp.’s McAfee Labs released in November said the number of ransomware attacks is expected to grow even more in 2016 because of increased sophistication in the software used to do it. The company estimates that on average, 3 percent of users with infected machines pay a ransom.

The infiltration at Hollywood Presbyterian was first noticed on Feb. 5, CEO Allen Stefanek said in a statement. Its system was fully functioning again by Monday, 10 days later.

The hospital did not say whether anyone in law enforcement or the technology business had recommended it pay off the hackers and quickly obtain the digital key used to be able to access its data again.

“The quickest and most efficient way to restore our systems and administrative functions was to pay the ransom and obtain the decryption key,” Stefanek said. “In the best interest of restoring normal operations, we did this.”

Neither law enforcement nor the hospital gave any indication of who might have been behind the attack or whether there are any suspects.

Bitcoins, the online currency that is hard to trace, is becoming the preferred way for hackers collect a ransom, FBI Special Agent Thomas Grasso, who is part of the government’s efforts to fight malicious software including ransomware, told The Associated Press last year.

Patient care at Hollywood Presbyterian was not affected by the hacking, and there is no evidence any patient data was compromised, Stefanek said.

The 434-bed hospital in the Los Feliz area of Los Angeles was founded in 1924. It was sold to CHAMedical Center of South Korea in 2004. It offers a range of services including emergency care, maternity services, cancer care, physical therapy, and specialized operations such as fetal and orthopedic surgeries.

___