Last month, a major hospital agreed to pay $17,000 to a group of criminal hackers in order to regain control of its computer network. Actually, the hospital paid 40 bitcoins, the open source digital currency demanded by the hackers.
In a statement shortly after the incident, Allen Stefanek, president of Hollywood Presbyterian Medical Center, defended the decision to play ball with the criminals.
“The quickest and most efficient way to restore our systems and administrative functions was to pay the ransom and obtain the decryption key,” he said in a Feb. 17 statement. “In the best interest of restoring normal operations, we did this.”
He further assured staff and patients that the malware had been cleared from its system.
Hospitals and other health care networks are regularly subjected to cyberattacks, but it’s unprecedented for a provider to pay a ransom.
The incident alarmed the medical community and experts warn that such events could become more and more common.
"Health care is probably 10, 15, 20 years behind the finance, telecom, and other industries, and rapidly catching up, but very much behind,” Aaron Miri, chief information officer for a Dallas medical center, told MedPage Today recently.
The problem, he explained, is that while hospitals and other providers are bound to strict privacy standards, not all of the medical devices they use are required to put in place the rock-solid safeguards that hospitals should guarantee.
Martin Fisher, who is in charge of information security for a hospital in Georgia, told Public Radio International that such attacks will happen again, and that negotiating with crooks sets a bad precedent, but that he understands why Hollywood Presbyterian did it.
“These guys will definitely try it again with other people. I'm sure they're trying it with the thousands of other potential victims,” he said. “My professional information security opinion is I hate the fact that people pay ransom. As a person who's also in the health care industry and is interested in making sure systems come up quickly so we can serve patients effectively and not have patient safety issues, I totally understand why they made that choice.”
Complete your profile to continue reading and get FREE access to BenefitsPRO, part of your ALM digital membership.
Your access to unlimited BenefitsPRO content isn’t changing.
Once you are an ALM digital member, you’ll receive:
- Breaking benefits news and analysis, on-site and via our newsletters and custom alerts
- Educational webcasts, white papers, and ebooks from industry thought leaders
- Critical converage of the property casualty insurance and financial advisory markets on our other ALM sites, PropertyCasualty360 and ThinkAdvisor
Already have an account? Sign In Now
© 2024 ALM Global, LLC, All Rights Reserved. Request academic re-use from www.copyright.com. All other uses, submit a request to [email protected]. For more information visit Asset & Logo Licensing.
