The hacked Hollywood hospital is not alone - schools and clinics across the country are increasingly being hacked for ransom
While details on the specific virus infecting the hospital remain elusive, signs point to a typical, nonetheless challenging, case of ransomware. These viruses frequently use encryption to scramble the victim's files, forcing them to restore from backups (if they have them) or else pay up for decryption keys.
Ransomware generally targets a user's documents, like text files, images, or audio, rather than critical system files. That's because the hackers' end-goal is to entice victims to pay for their data, not to indiscriminately damage their computer.
The scheme seems to be working, too: hackers generated over $325 million from the attacks in a two-month period, according to one study. While that estimate strains credulity, antivirus firm Bitdefender found that over 50% of American ransomware victims paid the demanded ransom. Even public institutions, particularly police departments, aren't immune.
The encryption of documents can render a computer effectively useless if all its relevant files are inaccessible or if systems have to be taken offline in order to manage the infection, as was the case in the Oxford School District in Mississippi last week.
[Screenshot (Business Insider/Screengrab): In this screenshot provided by a CryptoWall victim, the virus explains what has happened to the user's files.]
The problem started innocently enough, according to district superintendent Brian Harvey. "Mid-day on Sunday, I started doing some work and couldn't connect to the Internet." As problems continued, the district's tech staff investigated and found that a virus had been encrypting files, effectively shuttering the network as the infection spread.
"At that point our technology coordinator just shut everything off," Harvey told Business Insider. While the district had its files backed up, wiping and restoring servers and bringing the schools' software back online proved to be a time-consuming task, one which hadn't been completed when Harvey spoke to Business Insider nearly a week after the initial infection.
Some of the consequences of running a school without its computer systems are expected and even mundane, like the fact that students had to write down their ID numbers by hand to pay for their lunches, as reported by Local Memphis. But the shutdown also affected instruction: without access to "learning management software," teachers can't easily send grades, assignments, or study materials to students online the way they normally would.
If the perpetrator behind the attack had their way, district officials would be ponying up 21 bitcoins - nearly $9000 - to restore their files. The availability of backups meant that the district didn't need to give in to demands. Harvey conceded, however, that if they hadn't had the option to restore, there would have been little choice but to pay so as not to lose grades and student information.
Harvey may be right - for the time being, there is generally very little one can do to restore encrypted data from ransomware other than pay.
"It's terribly frustrating," Harvey said. "[But] we've got kids coming to us tomorrow and they've still got to learn."
In a hospital setting, the stakes may be greater. Hollywood Presbyterian's president and CEO Allen Stefanek initially told a local NBC affiliate that shutting down the hospital's computer systems did not affect patient care, but some emergency patients reportedly had to be diverted to other hospitals following the incident. Some historical medical records were also rendered inaccessible.
The hospital's president called the attack "random," but hospitals have been specifically targeted in cyberattacks in the past. Just this week, an NBC report cited a massive increase in the hacking of healthcare records. The Washington Post, analyzing data from the Department of Health, reported in March that data on more than 120 million people had been "compromised" across over 1,100 breaches.
Healthcare records are valuable to identity thieves because the information can potentially remain accurate forever, unlike email addresses or even credit card numbers, which can be changed.