Ottawa Hospital weathers ransomware attack
Ottawa Hospital executives say the organization has weathered a ransomware attack that it was able to overcome with backup files.
The Canadian hospital issued a statement last week that four of the hospital’s 9,800 computers were affected by an attack by hackers, who sought to lock the files on the computers and extract payment.
The facility said it was able to isolate the computers and wipe the drives of information. Patient information was not affected by the attack or remedy, it said. The facility said it believes its current safeguards to this and future attacks will be effective.
The ransomware attack against Ottawa Hospital is the latest in a sequence of high-profile attacks against healthcare organizations by hackers who use malware or phishing attacks to gain access to hospital computers to encrypt the data and then demand a ransom to decrypt it.
In February, Hollywood Presbyterian Medical Center in Los Angeles was victimized by a ransomware attack that affected its ability to access patient information. The facility had to revert to using paper records, then eventually paid a $17,000 ransom in Bitcoin to regain control of its systems.
At Hollywood Presbyterian, the ransomware attack started on February 5, crippling access to electronic health records and interrupting the flow of clinical information.
The facility paid the ransom to obtain a decryption key and put its information systems back online, said Allen Stefanek, its CEO. Access to data in the electronic record was restored on February 15, he said.
The new ransomware threat on healthcare is worrisome because hospitals are not designed to fight cyber risks, says Rahul Kashyap, chief security architect at Bromium, which monitors treat data and analyzes threats. “IT security in hospitals is not architected to ward off these threats—hospital attacks will rise.”