Last month, a major hospital agreed to pay $17,000 to a group of criminal hackers in order to regain control of its computer network. Actually, the hospital paid 40 bitcoins, the open source digital currency demanded by the hackers.
In a statement shortly after the incident, Allen Stefanek, president of Hollywood Presbyterian Medical Center, defended the decision to play ball with the criminals.
“The quickest and most efficient way to restore our systems and administrative functions was to pay the ransom and obtain the decryption key,” he said in a Feb. 17 statement. “In the best interest of restoring normal operations, we did this.”
He further assured staff and patients that the malware had been cleared from its system.
Hospitals and other health care networks are regularly subjected to cyberattacks, but it’s unprecedented for a provider to pay a ransom.
The incident alarmed the medical community and experts warn that such events could become more and more common.
"Health care is probably 10, 15, 20 years behind the finance, telecom, and other industries, and rapidly catching up, but very much behind,” Aaron Miri, chief information officer for a Dallas medical center, told MedPage Today recently.
The problem, he explained, is that while hospitals and other providers are bound to strict privacy standards, not all of the medical devices they use are required to put in place the rock-solid safeguards that hospitals should guarantee.
Martin Fisher, who is in charge of information security for a hospital in Georgia, told Public Radio International that such attacks will happen again, and that negotiating with crooks sets a bad precedent, but that he understands why Hollywood Presbyterian did it.
“These guys will definitely try it again with other people. I'm sure they're trying it with the thousands of other potential victims,” he said. “My professional information security opinion is I hate the fact that people pay ransom. As a person who's also in the health care industry and is interested in making sure systems come up quickly so we can serve patients effectively and not have patient safety issues, I totally understand why they made that choice.”
© 2025 ALM Global, LLC, All Rights Reserved. Request academic re-use from www.copyright.com. All other uses, submit a request to [email protected]. For more information visit Asset & Logo Licensing.