![\"hospitals-ransomware-186264888-1024x768\"](\"https:\/\/hcsblogdotorg.files.wordpress.com\/2016\/03\/hospitals-ransomware-186264888-1024x768.jpg?w=620\")
<\/p>\n<\/p>\n
RANSOMWARE HAS BEEN <\/span>an Internet scourge for more than a decade, but only recently has it made mainstream media headlines. That\u2019s primarily due to a new trend in ransomware attacks: the targeting of hospitals and other healthcare facilities.<\/p>\n The malware works by locking your computer<\/a> to prevent you from accessing data until you pay a ransom, usually demanded in Bitcoin. Hospitals are the perfect mark for this kind of extortion because they provide critical care and rely on up-to-date information from patient records. Without quick access to drug histories, surgery directives and other information, patient care can get delayed or halted, which makes hospitals more likely to pay a ransom rather than risk delays that could result in death and lawsuits.<\/p>\n \u201cIf you have patients, you are going to panic way quicker than if you are selling sheet metal,\u201d says Stu Sjouwerman, CEO of the security firm KnowBe4<\/a>. Hospitals are a good target for another reason as well: they \u201chave not trained their employees on security awareness \u2026 and hospitals don\u2019t focus on cybersecurity in general,\u201d he says. Instead, their primary concern is HIPAA compliance, ensuring that employees meet the federal requirements for protecting patient privacy.<\/p>\n Last month, attackers took computers belonging to the Hollywood Presbyterian Medical Center<\/a> in Los Angeles hostage using a piece of ransomware called Locky. Computers were offline for more than a week until officials caved to the extortionists\u2019 and paid the equivalent of $17,000 in Bitcoin.<\/p>\n Earlier this month, Methodist Hospital in Henderson, Kentucky was struck by Locky as well, an attack that prevented healthcare providers from accessing patient files. The facility declared a \u201cstate of emergency\u201d on a Friday but by Monday was reporting that its systems were \u201cup and running.\u201d<\/a> Methodist officials, however, said they did not pay the ransomware; administrators in that case had simply restored the hospital\u2019s data from backups.<\/p>\n Then this week, news broke that MedStar Health, which operates 10 hospitals and more than 250 out-patient clinics in the Maryland\/Washington, DC area, was hit by a virus that may be ransomware. MedStar wrote in a Facebook post that its network \u201cwas affected by a virus that prevents certain users from logging-in to our system,\u201d but a number of employees told the Washington Post<\/em> that they saw a pop-up screen appear on their computers demanding payment in Bitcoin<\/a>. The organization responded immediately by shutting down large portions of its network. Employees were unable to access email or a database of patient records, though clinics and other facilities remained open and operating. MedStar did not respond to a call from WIRED.<\/p>\n<\/h3>\n