Hollywood Presbyterian hack signals more ransomware attacks to come

Experts says cybercriminals favor these types of attacks because they are reasonably easy to pull off and have a big impact.
By Tom Sullivan
February 17, 2016
08:41 AM

As hackers hold Hollywood Presbyterian Medical Center’s data and demand $3.4 million Bitcoin to give it back, experts say the “hostage situation” likely signals more ransomware attacks to come.

“There is no style to this attack,” said Kevin Johnson, CEO of firm Secure Ideas. Johnson said that it was likely messaging-based, whether a malicious link in an email or perpetrated via a social network and, basically, an employee fell for it.

[Also: Hollywood Presbyterian declares emergency after hackers cut off data]

Such attacks are particularly alluring to cybercriminals, in fact, because they are reasonably easy to pull off and have a big impact. 

The Hollywood Presbyterian situation is not the first ransomware attack. But in other high-profile instances, including Anonymous’ DDoS attack on Boston Children’s and the more recent hit on Flint, Michigan-based Hurley Medical Center, the attackers acted as hacktavists looking for either the release of a patient or what they called “justice” for Flint’s water crisis.

In the case of Hollywood Presbyterian, however, the cybercriminals are demanding the hospital pay a $3.4 million ransom if they want their data back.

In the meantime, executives declared the hospital in a state of emergency and employees are reverting to paper and faxes to communicate.

“This incident really sheds light how weak the core of many providers' internal infrastructure is,” said Elliott Frantz, CEO of Virtue security. “It's very common for hospitals to have a large number of outdated and vulnerable systems on the network.”

What’s more, Hollywood Presbyterian might be the first time the industry is hearing about a ransomware attack demanding money, but it likely won’t be the last.

[Like Healthcare IT News on Facebook]

“It’s a simplistic attack that gets so much attention,” Johnson said, adding that it doesn’t require an advanced skill set to pull off. “More and more [cybercriminals] are starting to do it.”

It’s hard to tell what the effects of the Hollywood Presbyterian attack will be this early on, but it does give other facilities cause to check their security.

“There are likely hundreds of systems infected with the ransomware,” Frantz said. “For an infection to spread on this scale suggests there were larger systemic weaknesses that led to such an incident.”

Twitter: @SullyHIT

Topics: 
Privacy & Security

More regional news

VA building signage

House passes veterans healthcare package without RESET Act

By
Andrea Fox
November 21, 2024
David Miles of Oklahoma Heart Hospital

Deep dive: A tour of all-digital Oklahoma Heart Hospital, where automation is the norm

By
Bill Siwicki
November 21, 2024
Healthcare workers looking at X-ray images on monitors

Streamlining healthcare operations with multicloud-by-design

November 21, 2024
Want to get more stories like this one? Get daily news updates from Healthcare IT News.
Your subscription has been saved.
Something went wrong. Please try again.

Top Story

VA building signage
House passes veterans healthcare package without RESET Act

Most Read

Particle Health files antitrust suit against Epic
Choosing a managed IT service for aged care
ASTP intros 2024 draft Federal FHIR Action Plan
CrowdStrike all but assures Capitol Hill: Never again
Korea's largest hospital bags APAC's first Stage 6 of new INFRAM
Sens. Warner & Wyden seek healthcare cybersecurity mandates in new bill

Research

White Papers

More Whitepapers

Patient Engagement
Patient Engagement
Financial/Revenue Cycle Management

Webinars

More Webinars

Imaging
Interoperability
Artificial Intelligence

Video

David Miles at Oklahoma Heart Hospital_Part 1_Doctor holding health icon Photo by Tippapatt/iStock/Getty Images Plus
The CIO of an all-digital hospital walks readers through its successes
Dr Alice Sutedjo Lisa at SMC Telogorejo Hospital_HIMSS24 APAC
Assisting the elderly in digital care
Dr. Benoit Desjardins of the University of Montreal
Cyberattacks are becoming more widespread, and more disruptive
George Pappas at Intraprise Health_Digital shield and lock Photo by da-kuk/Getty Images
Tighter cyber mandates hold New York providers to higher security standards

More Stories

BJ Schaknowski of symplr
Too many IT systems with limited alignment impacts care quality
Doctor in scrubs using computer
Tenet to deploy AI platform across its physician network
Healthcare CIO with other healthcare executives
Health system CIOs' strategic responsibilities continue to evolve
George Pappas at Intraprise Health_Digital shield and lock Photo by da-kuk/Getty Images
Tighter cyber mandates hold New York providers to higher security standards
Clinicians look at diagnostic imaging
American College of Radiology launches AI quality registry
A doctor with glasses sits at a desk and speaks during a telehealth visit.
DEA and HHS extend virtual prescribing for controlled substances through 2025
Dr. Jay Anders at Medicomp Systems_Computer chip with stethoscope Photo by Just_Super/iStock/Getty Images Plus
Transparency and responsible AI are crucial for medical devices
George Pappas of Intraprise Health on cybersecurity
How to protect telemedicine from cyberattacks