Slashdot Mirror

← Back to Stories (view on slashdot.org)

L.A. Hospital Pays Off Ransomware Thieves To Reclaim Its Network (google.com)

Posted by timothy on from the let-me-guess-the-operating-system dept.

Los Angeles' Presbyterian Medical Center, the target of a successful ransomware attack (successful from the thieves' point of view, that is) has buckled under: to regain control of its network, the hospital has paid a 40-bitcoin ransom (about $17,000) to the gang responsible. That, at least, is a far cry from the much higher ransom widely reported to have been initially demanded: 9,000 bitcoin. (That would have meant a payment of $3.6-3.9 million.)

3 of 159 comments (clear)

  1. So, will they ever spend these bitcoin? by JoeMerchant · · Score: 4, Interesting

    And, can the FBI monitor the blockchain to get IP addresses where these coins were accessed from when the hospital handed them over?

  2. Re:Backups? by gavron · · Score: 3, Interesting

    Yes. I have backups. You have backups. You're modded down to 0 for a perfectly reasonable question.
    I'm sure I'll soon join you.

    Meanwhile the dipshits that run public hospitals DON'T have a usable backup strategy, pay trolls ransom,
    and the new slasdhdot posts it as if it's big news.

    Big news would be if someone actually had a backup and DIDN'T pay the ransom... or if they got LEOs
    to actually FIND the bad guys. Paying ransom... heck, even the LEOs pay ransom. https://www.google.com/search?...

    E

  3. Re:Backups? by Solandri · · Score: 5, Interesting

    A friend of mine runs a multi-million dollar construction supply company and her work computer got hit with a ransomware virus. As she is manager/accountant, it was pretty serious. Fortunately she had a competent IT staff which regularly backed up her system . So they just pulled her computer offline (so it couldn't spread to other systems), and restored everything to a new computer (this is why companies like to buy a bunch of identical Dell systems). And she was back in business the next day.

    Except for one file which she had been working on the day the ransomware hit, and thus hadn't been backed up. As it turned out, the ransomware authors had programmed it to allow the victim to decrypt one file - to prove that it could in fact be decrypted, and hadn't just been deleted. So she of course chose that file to decrypt, and ended up with no data loss. The only loss was she couldn't work for a day.

    That's why you never hear stories of competent IT saving the day. When they do, it's a non-event about as serious as someone calling in sick for a day. It's only when they fail that the problem becomes serious enough to be news-worthy.