There has been a flurry of stories in recent weeks about hospital computers being attacked by "ransomware." These attacks seem to take place in the following way. Hackers introduce viruses into hospital computers to block access to a broad swath of files, including patient records, and then demand a ransom to keep the files from being erased. Here is an article discussing one such example (Hospital ransomware: A chilling wake-up call) and here's an excerpt from the article:
Hollywood Presbyterian [Hospital] declared a state of emergency over the ransomware on February 5th.... The hospital isn't saying exactly when it paid the ransom, but it looks like they waited at least a week to end the file-hostage situation. Hollywood Presbyterian said its payment was 40 bitcoin, around $17K.... During this time, an unnamed doctor told the press the systems responsible for CT scans, documentation, lab work, pharmacy functions and electronic communications were out of commission -- as in, no email.
The ransomware attacks are continuing in other hospitals (see: Two more hospitals struck by ransomware, in California and Indiana). According to some sources, the culprits behind the attacks use the Locky ransomware virus. Here's a description of it (see: “Locky” ransomware – what you need to know):
...[Locky ransomware virus is] the nickname of a new strain of ransomware, so-called because it renames all your important files so that they have the extension .locky. Of course, it doesn’t just rename your files, it scrambles them first, and – as you probably know about ransomware – only the crooks have the decryption key. You can buy the decryption key from the crooks via the so-called dark web.
Regarding all of this, a recent comment in HIStalk (see Monday Morning Update 4/4/16) raised the issue of the recent ransomware attack on the MedStar health system (see: Possible ‘ransomware’ attack still crippling some MedStar hospitals’ computers) and suggested that the MedStar health system had outsourced its IT support to Dell with possible offshore support. Here is the HIStalk comment in its entirety:
From Jack: “Re: MedStar Health. Has a major portion of their infrastructure and server management outsourced to Dell, which manages them with offshore IT people. I find myself wondering if Dell is at risk here, and if so, are there others who are vulnerable to ransomware attacks.”
I don't think that the possibility that MedStar had outsourced its IT support to Dell with possible offshore support has any relevance to this issue. If anything, dealing with a computer virus might be challenging for the IT departments of some hospitals. Outsourcing IT support to a large company like Dell could bring more expertise to bear on the problem. The whole issue of ransomware is alerting all health systems to the criticality of deploying top-quality antivirus software. Now it boils down to a cat-and-mouse game to see whether the attackers or the vendors of antivirus software stay ahead in the battle.