Hackers have taken the computer system of the Hollywood Presbyterian Medical Center hostage, with the ransom at $3.6 million or 9,000 Bitcoin.
The hospital in Southern California was victimized by ransomware, with the facility's computers now shut down for more than a week as recovery continues. As such, the hospital's staff has been forced to go low-tech to be able to keep up with the hospital's operations.
With access to computer systems blocked, doctors have been communicating through fax messages, nurses are writing down patient information on paper charts and patients are forced to drive back to the hospital to claim test results.
While there are some "old school" nurses that actually prefer the pen-and-paper way of tracking down patient information, Tina Bordas, a nurse at the hospital, has said that operations have been moving slowly.
While that may be the case, the hospital is forced to employ low-tech means to maintain the care of their patients. Some of the more advanced medical equipment that need computers to be operated have also been shut down. That is why patients who depend on these equipment for diagnosis or treatment needed to be transferred to another hospital.
With doctors punching in numbers to send in fax messages and nurses writing things down on paper, with advanced diagnostic and treatment options cut off, the crippling power of ransomware is on full display.
Ransomware is a kind of malware that is usually propagated through malicious downloads and phishing campaigns. When a victim opens the gates by accessing a malicious link, for example, the ransomware installs itself in the victim's computer and its system to encrypt system files.
Once the ransomware is latched on, the system is blocked, usually with a message that if the user does not pay a certain amount to the hacker within a certain time limit, all the files in the system will be deleted.
While it has not yet been determined if hackers were able to extract sensitive information on the hospital's employees and patients, that would not be the case if ransomware was involved. Hackers using ransomware are more interested in acquiring ransom payments as opposed to stealing information.
The business model for ransomware has been a lucrative one for hackers, with security company Bromium estimating that ransomware attacks doubled in number last year compared to 2014. CryptoWall 3.0, one of the leading ransomware tools, was able to bring in about $325 million worth of ransom last year, according to the Cyber Threat Alliance.
An estimate pegs that 44 percent of the victims end up paying the ransom, which is often requested in the form of Bitcoin to make it harder for authorities to trace the identity of the hackers.
The incident brings to light concerns raised by the FBI in April 2014 that the health care industry of the United States is vulnerable to cyberattacks, as cybersecurity in the sector was lagging behind compared to the retail and financial sectors.
With the ransomware affecting all the Hollywood Presbyterian Medical Center's staff and patients, concerns regarding cybersecurity in the health care industry will surely be voiced out once again, especially as hackers have now shown the ability to take hospitals back to the pre-computer age with their attacks.