News

Actions

Hospital pays $17,000 in ransom for stolen data

Posted

DENVER, Colo. -- A California hospital, desperate to retrieve stolen data, paid hackers a $17,000 ransom.

Some consider the move a dangerous precedent for cybersecurity solutions in hospitals across the country.

"Hospitals are full of computers these days, right down to the MRI machines, the IV machines — everything has hardware and software in it," said Dr. Steve Beaty, a computer science professor at Metropolitan State University Denver.

He says if one machine gets hacked in a larger system, the entire network could be at risk. That's why the malware has been given the nickname 'ransomware.'

"Typically what it does is encrypt all of the files on your machine," said Beaty. "Then have to pay them money for the password to decrypt all those files, and the truth is, it's very difficult to go backward from that."

Corporations are often slow to install cybersecurity updates from a top-down approach. So what can other hospitals do to keep up with high-tech hackers?

"The defense here is keep your machines up to date. Keep a backup, in what we call an 'offline' backup," said Beaty.

But even then, there is no guarantee the ransom money will stop hackers from exploiting what they’ve already stolen.

"Any piece of malware — once your machine is infected — can do anything," said Beaty. "Encryption is certainly is one of those things and stealing your information is another one of those things."

Hollywood Presbyterian Medical Center paid the hackers in Bitcoin, which is an encrypted currency.