

The hacked Hollywood hospital is not alone - schools and clinics across the country are increasingly being hacked for ransom

Feb 18, 2016, 02:46 IST


The Hollywood Presbyterian Medical Center made headlines when a virus took down computer systems in the hospital and demanded a ransom of over $3 million in bitcoins to restore the system.


While details on the specific virus infecting the hospital remain elusive, signs point to a typical - nonetheless challenging - case of ransomware. These viruses frequently use encryption to scramble the victim's files, forcing them to restore from backups (if they have them) or else pay up for decryption keys.

Ransomware generally targets a user's documents, like text files, images, or audio, rather than critical system files. That's because the hackers' end-goal is to entice victims to pay for their data, not to indiscriminately damage their computer.

The scheme seems to be working, too: hackers generated over $325 million from the attacks in a two-month period, according to one study. While that estimate strains credulity, antivirus firm Bitdefender found that over 50% of American ransomware victims paid the demanded ransom. Even public institutions - particularly police departments - aren't immune.

The encryption of documents can render a computer effectively useless if all its relevant files are inaccessible or if systems have to be taken offline in order to manage the infection, as was the case in the Oxford School District in Mississippi last week.


In this screenshot provided by a CryptoWall victim, the virus explains what has happened to the user's files. (Business Insider/Screengrab)

The problem started innocently enough, according to district superintendent Brian Harvey. "Mid-day on Sunday, I started doing some work and couldn't connect to the Internet." As problems continued, the district's tech staff investigated the problem and found that a virus had been encrypting files, effectively shuttering the network as the infection spread.

"At that point our technology coordinator just shut everything off," Harvey told Business Insider. While the district had its files backed up, wiping and restoring servers and bringing the schools' software back online proved to be a time-consuming task, one which hadn't been completed when Harvey spoke to Business Insider nearly a week after the initial infection.

Some of the consequences of running a school without its computer systems are expected and even mundane, like the fact that students had to write down by hand their ID numbers to pay for their lunches, as reported by Local Memphis. But the shutdown also affected instruction: without access to "learning management software," teachers can't easily send grades, assignments, or study materials to students online the way they normally would.

If the perpetrator behind the attack had their way, district officials would be ponying up 21 bitcoins - nearly $9000 - to restore their files. The availability of backups meant that the district didn't need to give in to demands. Harvey conceded, however, that if they hadn't had the option to restore, there would have been little choice but to pay so as not to lose grades and student information.


Harvey may be right - for the time being, there is generally very little one can do to restore encrypted data from ransomware other than pay.

The CryptoWall 4 decryption site explains how to buy and send bitcoins to pay the ransom. (Bleeping Computer)

Local law enforcement is investigating the incident, with the aid of the FBI, but Harvey is not holding his breath waiting for a mysterious hacker to get caught: "This is just the world that we live in."

"It's terribly frustrating," Harvey said. "[But] we've got kids coming to us tomorrow and they've still got to learn."

In a hospital setting, the stakes may be greater. Hollywood Presbyterian's president and CEO Allen Stefanek initially told a local NBC affiliate that shutting down the hospital's computer systems did not affect patient care, but some emergency patients reportedly had to be diverted to other hospitals following the incident. Some historical medical records were also rendered inaccessible.

The hospital's president called the attack "random," but hospitals have been specifically targeted in cyberattacks in the past. Just this week, an NBC report cited a massive increase in the hacking of healthcare records. The Washington Post, analyzing data from the Department of Health, reported in March that data on more than 120 million people had been "compromised" across over 1,100 breaches.


Healthcare records are valuable to identity thieves because the information can potentially remain accurate forever, unlike email addresses or even credit card numbers which can be changed.
