Hospital Falls Victim to Hackers
- By Sydny Shepard
- Mar 24, 2016
Hackers continue to take advantage of the weak security systems hospitals have in place. This time, it was Methodist Hospital in Kentucky.
Methodist Hospital was operating “in an internal state of emergency” on March 18, according to its website, after a section of its computer network had been rendered useless.
The hospital had gotten hit with some ransomware, a particularly nasty type of computer virus that encrypts computer files. Hackers don’t give you the key to unlock the documents until they are paid a ransom, ergo ransomware.
An email laced with the inconvenient virus managed to make it past the hospital’s spam filter, according to a prepared statement by the hospital. Methodist said, “no patient data or records were compromised.” However, it did not clarify what documents were affected.
The hospital also did not release how much money was requested, but cybersecurity reported Brian Krebs revealed that hackers demanded four bitcoins, only $1,656 at today’s exchange rate.
That is usually how these types of things play out. The hackers don’t usually focus on extorting a particularly wealthy person or company; they attack the masses, hoping to rake in a little money from a lot of people. By keeping the ransom low, the hackers are increasing the likelihood that someone would pay it to get their files back.
In the case of Methodist Hospital, however, the hackers might have to admit defeat. The hospital is refusing to pay up. They have since shut down the infected part of the system and have been working off backup copies of the documents. It is unclear if the documents that were infected and not backed up are now permanently deleted.
The hospital is working with the FBI and the local Henderson Police Department to find the hackers that have plagued their system.
Sydny Shepard is the Executive Editor of Campus Security & Life Safety.