Full text

In February, Hollywood Presbyterian Medical Center was crippled by a cyberattack that encrypted patient and laboratory records and took all network and computer-related functions, including CT scans, lab work, pharmaceutical activity and patient records, offline for more than a week. Hospital president and CEO Allen Stefanek declared an internal emergency as staff manually logged

registrations and records on paper and used fax machines to communicate. Despite the assistance of local police and security experts, the hospital ultimately realized the quickest and most efficient way to restore systems and administrative functionality was to pay the hackers' demanded ransom of 40 bitcoins, worth around $17,000.

By the end of March, at least four other hospitals had also been the victims of ransomware, although it is unknown whether they ultimately paid ransoms. The FBI is investigating the cases.

Unlike other kinds of cyberattacks, ransomware attacks are not about data exfiltration; they are about freezing access, holding businesses functionally hostage. When this kind of malware infects a system, it encrypts important files and documents and demands a ransom, typically in the form of digital currency like bitcoin, in exchange for a decryption key. The encryption can be crippling and circumventing it very difficult, so the FBI surprisingly advises businesses that they may be better off paying the ransom, especially if the company's system backup has also been infected.

While experts anecdotally cited ransom demands in the financial and professional services industries reaching well into the hundreds of thousands of dollars, most attacks thus far have been smaller, asking for a single bitcoin (about $400). The ease of launching these attacks and their efficacy adds up, though. Researchers at Intel Security report that one ransomware campaign alone netted $325 million last year, and security firm Bromium has seen a 600% increase in the number of ransomware "families" since 2013, in which time it has become one of the most common attack trends. Indeed, in a survey the firm conducted at information security industry conference RSA, 49% of respondents said they or someone they knew had experienced a ransomware infection.

In addition to its growing frequency, the actual means of attack have also improved significantly, as hackers get better at social engineering and develop...