40

h ttp:/ / h k. on .cc/ in t/ b kn / cn t/ n ews / 2 0 1 6 0 219/ bkn int -2 0160219101558052 -0219_17011_001.h tm l

on.cc
17000

Hollywood Presbyterian Medical Center

5 Allen Stefanek

40
17000 13

10

Hollywood Presbyterian Medical Center Pays Hackers $17K Ransom

h ttp:/ / www .n bcn e ws .c om/ tech / s ecu r ity/ h o llyw oo d - p res byte ria n - me dica l -cente r- pa ys -h a c kers -1 7 kra n s om -n 5 2 0 5 3 6

LOS ANGELES A Los Angeles hospital paid a ransom of about $17,000 to hackers
who infiltrated and disabled its computer network because it was the most efficient way
to solve the problem, the medical center's chief executive said Wednesday.
Hollywood Presbyterian Medical Center paid the demanded ransom of 40 bitcoins
currently worth $16,664 dollars after the network infiltration that began Feb. 5, CEO
Allen Stefanek said in a statement.
The FBI is investigating the attack, often called "ransomware," where hackers encrypt a
computer network's data to hold it "hostage," providing a digital decryption key to unlock
it for a price.
"The quickest and most efficient way to restore our systems and administrative
functions was to pay the ransom and obtain the decryption key," Stefanek said. "In the
best interest of restoring normal operations, we did this."
Workers at Hollywood Presbyterian noticed the network problems on Feb. 5, and it
became clear there was a malware infiltration that was disabling the network.

Computer experts and law enforcement were immediately informed, Stefanek said.
Doctors at the hospital were forced to rely on telephones and fax machines to relay
patient information, Reuters reported.
"It's right there on paper, but it may not be legible," Dr. Rangasamy Ramanathan, a
neonatal-perinatal specialist affiliated with the 434-bed facility, told Reuters on Tuesday.
"The only problem is doctors' writing."
FBI spokeswoman Laura Eimiller said the agency is investigating the extortion plot, but
she could not immediately provide further details.
The 434-bed hospital in the Los Feliz area of Los Angeles was founded in 1924. It was
sold to CHA Medical Center of South Korea in 2004.

http://wechatinchina.com/thread-94482-1-1.html

300

500 3000
500

Tewksbury Police Department Pays $500 Bitcoin Ransom to Hackers

Tewksbury Police Department has reportedly paid a $500 Bitcoin ransom to hackers who had infected
the departments files with a ransomware program called CryptoLocker. The malware program bogged
down the police systems for 5 days after which the department finally decided to pay up.
Chief of Police Timothy Sheehan said, Nobody wants to negotiate with terrorists. Nobody wants to pay
terrorists. We did everything we possibly could. Timothy went on to add that, It was an eye-opening
experience, I can tell you right now. It made you feel that you lost control of everything. Paying the
Bitcoin ransom was the last resort.
It was possibly the last resort given that even the cyber specialists from federal and state law
enforcement along with two private cyber security firms were unable to retrieve the files.
Malware programs such as CryptoLocker, KEYHolder, and CryptoWall enter into the system via emails.
When the users open these tainted emails and click on the hyperlink given in the message, the
computer is affected. The programs then encrypt the data and render the data useless unless a
decryption key is provided.
Moreover, the hackers demanded that the Bitcoin ransom be paid via Tor network, which makes it
extremely difficult to trace the location of the hackers.
This is not the first instance of a police department being forced to pay. Earlier in November 2013,
Swansea Police Department fell victim to a similar threat and had to pay $750 to get its files back. In
January, the Midlothian police had to pay the hackers $500.

The Tewksbury Police Department could have chosen not to pay the Bitcoin ransom had it backed up its
files and other crucial data. In Durham, N.H., chief of police Dave Kurz decided not to bow down to the
threats of hackers as the department had backed up the encrypted information.
We had to clean essentially all the computers, but all of our data was prepared, Kurz said.

Hackers demand Lincolnshire County Council pay 1 million ransom

incolnshire County Council systems were brought to a crashing halt on Tuesday and it was thought the
'ransomware' that downed systems came with a 1 million demand to reinstate access.
The council have today said that the ransom was actually $500 in the online currency known as Bitcoin,
and that they never had any intention of paying it.
Bitcoin is a digital asset and a payment system used to exchange for goods and services online without
going through traditional intermediaries such as banks.
The malicious software attack, which began in the afternoon of January 26, held a large volume of the
council's data stores at ransom. But the council are saying that none of their data has been
compromised and that the majority of systems should be back to full working order tomorrow morning.
The malware was delivered to staff in the form of an email, claiming to be an invoice.
Throughout the week, test have been conducted to remove the malware and restore council IT systems.

The council say they have now fixed the bug and there should be no cause for concern among the pubic
regarding their personal details.
Judith Hertherington Smith, chief information officer said for Lincolnshire County Council said:
"Although the computer malware was originally identified as a 1m demand, we now have further
evidence which I have seen and it was initially only asking for $500 in Bit coin.
"Of Course, this would increase overtime if not paid, but as a public authority this was something we
were never going to do.
"We immediately took action to look after all our data and closed down our systems so they couldn't be
compromised.
" I am pleased to be able to say that we are now at a stage where we are restoring services and when
staff come back into work on Monday morning the majority of the systems will be up and running."
Lincolnshire Police's Cyber Crimes Unit have been working with the council throughout the week to
resolve the issue.
Detective Inspector Stephen Knubley, of Lincolnshire Police's cyber crime unit, said: "I can confirm that
LCC were subject to a malware attack on an IT system. LCC security, in difficult circumstances, have been
extremely professional in dealing with this matter and are working towards restoring a full service.

"I can assure the public that there's no evidence at this time that any data has been extracted from LCC
systems.
"Lincolnshire Police will continue to work with LCC in an attempt to identify the offenders.