Just a simple email... but it brought a hospital to a standstill

News on Tuesday …
Hollywood Presbyterian Medical Center declared an emergency. The computers that ran CT scans, laboratory, and pharmacy work stopped. There was a message on the screens that the computers had been disabled by a thing called “ransomware.”

The demand was simple: 9,000 Bitcoins to get the computers back (at the current exchange rate, that is 3.7 million dollars). What could they do? The medical center was brought to a halt. Patients were routed to other hospitals.

What had happened was a dramatic demonstration of sloppy security. Someone had received a special email. It probably came from their boss. It knew them by name. And, it was immediately interesting. There are many examples of this (look at these cat videos, here are the salaries of everyone in the organization, look at the pictures I took on my vacation). The result the user sees is always the same: nothing.

Behind the scenes, a small program installs itself and goes to work. This is the ransomware. It encrypts all the files it can find. This means all the files on their hard drive. This includes all the files on the network. This includes all the photographs, spreadsheets, documents, financial files and executables. The encryption used is AES256. This is the same encryption that Wintix and Webtix use. AES256 is uncrackable – even by the military.

What does this have to do with running a box office? A couple things:

  • Don’t open any unsolicited (or unexpected) email.
  • If you do open an email, do not open any attachments.
  • Back up your data, files and programs, dammit.
  • If someone else is on your network, and not as careful as you, you will also get hit.

With a good backup, the Hollywood Presbyterian Medical Center would have been back in business in a couple hours. Without the backup, they were helpless.

Will this affect Wintix data on our servers? No. We keep the data well backed up. And the security is tight. If you are hosting your own data, you will be brought down. The only way to protect yourself is with a backup – taken off your machine and, say, put on a CD.

It’s a wild world out there. Protect yourself.

Postscript – how it turned out
3.7 million dollars was way too much. The medical center simply could not pay it. Somehow, the center managed to get in touch with the criminals and explained the situation. The criminals realized that they were not going to get as much as they wanted. They agreed on a lower ransom. It was still 40 Bitcoins ($17,000.00). But, they are back in business now.

