Ransomware is a nightmare for any company. It's never been more evident than current situation unfolding at Hollywood Presbyterian Medical Center. The hospital system was attacked and now criminals are reportedly demanding $3.6 million in Bitcoin. In return for paying the ransom, hackers have said they will release critical medical data back to the hospital.
The attack, which started on February 5th, is majorly affecting both patients and staff. A doctor told NBC News Los Angeles, that the staff has no access to email, and is communicating via Fax. The doctor also revealed that medical records for previous patients are unavailable, and that several patients have been moved to different hospitals. The hospital CEO isn't revealing details of the attack, but did confirm that a "internal emergency" has been declared.
The FBI, along with LAPD, are leading the investigation, but the cyber criminals don't appear to be backing down until their demands are met.
Ransomware is becoming increasingly popular among criminals and many businesses are beginning to take note. A new study from the Cloud Security Alliance (CSA), and Cloud Provider, Skyhigh, found that 24.6% of companies would pay a ransom to avoid a data breach involving sensitive information. Of those surveyed, 14% said that they would be willing to spend more than $1 million in order to stop the breach.
Until now, the biggest ransomware case was the Sony Hack of 2014, when criminals demanded that Sony pull the movie "The Interview." Hackers released confidential information after Sony failed to comply with the demands. Interestingly enough, this week researchers from Kaspersky Lab and AlienVault Labs, revealed that the Sony hackers are alive and well, and still in the hacking business. The hack has reportedly cost Sony $15 million, so far.
While the Sony attack was devastating, the Hollywood Presbyterian Medical Center hack is creating life threatening situations. Investigators are not saying whether the ransom will be paid, but it's now been 11 days with no answers, and no computer systems. This case could set the precedence when it comes to high profile ransomware attacks.