Hollywood Presbyterian Hospital is an old and respected medical center deep in the heart of Hollywood. Its stucco buildings and the nurses and doctors within its walls have been healing and caring for Hollywood residents since 1924. On February 5th, they experienced what all Health Care facilities fear. Their technology infrastructure came to a grinding halt. They were victims of a cyber attack.
What happened at Hollywood Presbyterian?
Cyberattackers anonymously hacked Hollywood Presbyterian’s server deploying the ever popular malware- ransomware. The attack left the hospital with no access to their email or electronic health records.
The damage caused by the attack was massive. Without access to the hospital’s computer systems, doctors and nurses had to communicate by fax or in person. Medical records that show patients’ treatment history were inaccessible, and the results of X-rays, CT scans, and other medical tests were not easily shared. New records and patient registration information were being recorded on paper, and some patients were being transferred to other hospitals. Add to this hardship, the hackers kept threatening them they might never get all their vital information back unless the hospital paid the ransom.
After a week of seeing the harm it was causing to the efficiency of its operations, management decided to pay the $17,000. This is what the CEO and president, Allen Stefanek had to say, “the quickest and most efficient way to restore our systems and administrative functions was to pay the ransom and obtain the decryption key. In the best interest of restoring normal operations, we did this.” With that payment, they instantly regained access to their medical records and IT systems, but at a price. Is this a happy ending?
Cyberattacks are increasing in frequency and cost.
In 2015 alone the cost of breaches and malware for the healthcare industry was estimated at $5.6 billion dollars. Vikas Singla, CIO of Securolytics is an expert on IT security and has studied the rapid growth of data breaches and malware in the Healthcare sector. He warns, ”Presbyterian is not the first ransomware attack and it will not be the last. The trend is upward, not downward.”
What can Healthcare facilities do?
Mr. Singla continues, “It’s important for the industry to know that the technology is there to beat these criminal attacks. With the new proactive and behavioral technology we believe there is no need for organisations large or small to lose time, energy and resources… no reason to always be on the defensive against cyber criminals. His advice, “It’s time to update your technology and invest in the future…not pay ransoms.”