US hospital pays 40 bitcoins after ransomware attack

The American Hollywood Presbyterian Medical Center said in a statement that it paid 40 bitcoins, or about 15,000 euros, to get its files back. These had been encrypted by ransomware since February 5, and payment proved to be the fastest way to recover.

The hospital also said that healthcare would not have suffered from the ransomware attack and that there was no unauthorized access to patient data. The hospital’s CEO previously told NBC that he does not believe it was a targeted attack. It is so far unclear how exactly the malware infection could have happened, and the FBI has declined to release details about the case, according to the LA Times. The newspaper also reports that the hospital would have paid the lump sum before contacting the police.

Initially, news reports claimed that the lump sum would be 9,000 bitcoins, but that is a lot lower. A security expert claimed that while ransomware attacks are common, this would have been the first time a hospital had been victimized. Around the same time this incident took place, there was also a hospital in Germany that was dealing with the same problems. It became clear that the infection took place by downloading an e-mail attachment. Five other hospitals in the same region also reported attacks.

Ransomware is a form of malware that encrypts files. Only after payment of a ransom, often in bitcoin, are victims sent a decryption key. In most cases, the ransomware contains detailed instructions on how to obtain and send the bitcoins, and some provide a phone number where victims can get ‘support’. Examples of ransomware include CryptoWall, Cryptolocker, and Coinvault. A year ago, Rijkswaterstaat’s computers were hit by such malware.