Ransomware has moved a few places up the list of concerns facing biotech IT teams. Worries about the phenomenon, in which hackers hold computer files ransom, escalated after hackers took hold of a California hospital's IT system and reportedly demanded around $3.5 million to relinquish control.
Hollywood Presbyterian Medical Center, the victim of the attack, has now settled the case after being cut off from its email and electronic health record systems for almost two weeks. During that time, the FBI and LAPD investigated the case, but, as in previous ransomware attacks, it appears that attempts to counter the encryptions placed on the files were thwarted. As The Atlantic, which picked up the story after an NBC affiliate broke the news, notes, the FBI itself has thrown in the towel when faced with decryption tasks in the past.
Consequently, many victims of ransomware simply pay up to regain control of their files. The stakes in the case of the Los Angeles medical center were different, though. While small U.S. police departments have paid no more than $750 to regain access to their files, the hackers that had control of Hollywood Presbyterian's files were reportedly demanding around $3.5 million, although the CEO of the hospital subsequently called this figure false. Ultimately, Hollywood Presbyterian paid $17,000 in bitcoins to resolve the situation.
The sum, while far less than the hackers reportedly first demanded, is still significantly more than is typically paid in ransomware cases. For the hospital, the fee nonetheless represented the "quickest and most efficient way to restore our systems and administrative functions," it said in a statement. Refusing to pay would have forced the hospital to continue operating without access to medical notes and scans housed on its IT system.
While these factors make hospitals a particularly vulnerable and valuable target for a ransomware attack, Hollywood Presbyterian doubts it was selected deliberately. In this scenario, the hackers could have gained access to the IT system when a staffer clicked on an infected link.