LA hospital coughs up $17,000 to free PCs held to ransom by hackers A hospital in Los Angeles, California, has paid a US$17,000 (£11,900, AU$23,800) ransom to hackers who injected its computers with malware that scrambled its files. It appears PCs at the Hollywood Presbyterian Medical Center were infected and paralyzed by ransomware, which silently encrypts documents and refuses to hand over …
Sir, That's somewhat unfair. It's actually one of the better real healthcare establishments in the area. An honest, no-nonsense, getting ailing people well again, proper (& charitable) hospital. Of all the wellness corporations infesting the area (Cedars Sinai, Kaiser Permanente, even UCLA) HPMC has to be the VERY LEAST deserving of that sort of quip.
Sincerely,
Incensed Old Git
E. Hollyweird
(No I don't work there)
Allen Stefanek, the hospital's CEO, said in a statement on Wednesday that the 40 Bitcoin ransom was coughed up as it was "the quickest and most efficient way to restore our systems and administrative functions."
this points to exactly a failed backup and recovery methodology... sad sacks like this is what keep the ransomeware industry going :(
this points to exactly a failed backup and recovery methodology...
Maybe, not exactly. Unless a lot more than one user clicked the wrong thing at the same time, the principal of least privilege failure comes first, then the disaster recovery failure.
But there were probably a few more before either one.
>I'm bit hazy about medical matters but I think this means they can't be infected with this again, due to the immune system. Could other hospitals be vaccinated against this?
Yes, the immune system is a good backup plan, do away with MS Windows workstations everywhere, after all, a *NIX server (Linux or FreeBSD) costs less in licensing than a workstation with MS Office, let alone a Linux/FreeBSD workstation.
Besides, you do not really need support, if you look at the quality of support from Redmond. I had to call to request a few DLL's for Windows 8.1, it turns out the fact that a number of Windows DLL's in Windows 8.1 have missing exports, even for user32.dll (another MS Windows DLL), is BY DESIGN.
We are talking c++ runtime, here, for the interested.
Why are you paying for support, again ?
"after all, a *NIX server (Linux or FreeBSD) costs less in licensing than a workstation with MS Office,
Not for a supported version it doesn't - just go look at RedHat or SUSE prices. Not to mention the cost of migration.
"let alone a Linux/FreeBSD workstation."
If your time has no value, and migrating was free and everything you wanted was available and also free...
"Besides, you do not really need support"
I think most companies (and hospitals) would disagree. You need support and you need an SLA.
Doesn't sound like someone did the maths wrong. I found what is so far the only relevant comment on the matter from the hospital CEO.
"The reports of the hospital paying 9000 Bitcoins or $3.4 million are false. The amount of ransom requested was 40 Bitcoins, equivalent to approximately $17,000."
The question now is who came up with the 9000 Bitcoins figure, and why.
I think that would require a rather substantial amount of luck. Never heard of it happening before, unfortunately. That said, it seems possible, and I'd expect they could even get some cooperation from the Bitcoin community on this, unlike say with drugs and gambling where the libertarian leaning user base is not too sympathetic.
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
