Hollywood Presbyterian Medical Center, a private hospital in Los Angeles, is the victim of a ransomware attack. Hospital representatives have declared the matter an “internal emergency” and one expert estimated the ransom amount at over $3 million USD. As reported by NBC, “Staff at Hollywood Presbyterian Medical Center began noticing "significant IT issues and declared an internal emergency" on Friday, said hospital President and CEO Allen Stefanek.” A doctor who wished not to be identified in the story indicated that “the system was hacked and was being held for ransom.” 

Typical ransomware infects a user’s computer and restricts access to their files, encrypting the files and rendering them inaccessible. Additionally, the infected computer retains little or no functionality. Users are provided with instructions on how to pay the ransom to remove the encryption. In the case of this hospital hack, Hollywood Presbyterian staff are reported as being unable to access required documentation for patient care, including lab results, x-rays, and CT scans. Previous medical records are also inaccessible. This is another aspect of ransomware, using the value users place on their files against them, in this case the informational value of medical records. 

Fox asked computer forensic expert Eric Robi about the attack, who stated, “I don’t know why they chose a hospital specifically…Maybe they're thinking it’s a greater sense of urgency because it’s a hospital and the’ll get payed.” He also said the ransom was high in this case and may have been up to 9,000 Bitcoin, approximately $3.6 million USD.

The sophistication and scope of ransomware campaigns continues to grow. Last year a number of U.S. police departments were infected with ransomware which disabled essential systems and crippled their operational capabilities. The affected departments paid ransoms ranging from $500 to $750 to regain access to their systems.