Los Angeles medical center pays 40 bitcoins to ransomware extortionists

Around the fifth of February an "internal emergency" was declared at the Hollywood Presbyterian Medical Center in Los Angeles, due to a system-wide ransomware infection. The malicious software typically encrypts a victim’s files and holds them hostage, unless a ransom is paid.

For twelve days, “significant IT issues” were reported by staff. There was no working email system, the emergency room was in a constant state of backlog, and 9-1-1 patients had to be diverted to other hospitals. Vital systems needed for patient care, including CT scans, lab work, and pharmacy, were also inaccessible.

The hospital negotiated with the criminals, and paid a reduced ransom of only 40 bitcoins today, in order to quickly restore their data.

Ransomware growth 2016

Research from security experts at McAfee Labs shows that ransomware has been growing at an accelerating pace recently.

Several police departments have previously fallen victim to similar attacks, and a malicious advertising campaign that deployed ransomware has recently been targeting online publications. Celebrity publisher TMZ.com and movie meta-review site Rotten Tomatoes have both been targets.

According to the FBI, the problem is growing quickly because the malicious code can spread in a variety of ways and the attack is typically very profitable for the attackers. FBI Special Agent Joseph Bonavolonta described the software as so good that “we often advise people just to pay the ransom.”

“The amount of money made by these criminals is enormous and that’s because the overwhelming majority of institutions just pay the ransom.”
– Joseph Bonavolonta, Special Agent at the FBI’s Cyber and Counterintelligence Program

The typical advice for protection against ransomware is to implement best-practice procedures, also known as Operational Security, or OpSec. Creating regular backups, not opening suspicious attachments, and keeping security software up to date are all standard OpSec procedures. More technically inclined users may look into using threat intelligence to block IP addresses known to distribute ransomware, but it’s technical work that software cannot typically automate.

It wasn’t until 2015 that ransomware became prevalent enough for dedicated software programs to be built to combat it, and now we have several. BitDefender’s Cryptowall Vaccine, Trend Micro’s Anti-Ransomware Tool, Avast’s Anti-Ransomware tool, and as of last week, Malwarebytes’ Anti-Ransomware Beta, all provide an added layer of protection.

The advantage of these programs is that, while running on a computer, they actively watch for the malicious code to be loaded, guarding against the attacks proactively.

Meanwhile, other security software vendors, including Intel Security (formerly McAfee), Symantec, G Data, F-Secure, and Kaspersky, to name a few, have provided specific threat profiles or virus definitions to use inside their existing system protection suites. Malwarebytes appears to be leading the charge, with a solution that blocks ransomware as it evolves.

“Ransomware does not act like traditional malware: some are automatically updated every day, and even use polymorphic (shapeshifting!) code to evade detection. This makes it exceedingly hard to detect.”
– Malwarebytes

After releasing a beta version of the anti-ransomware solution late last month, Malwarebytes claims that their new program is working better than even they expected.

The simple, lightweight program downloads and installs on Windows machines within seconds, and runs very smoothly with no configuration at all. The spartan app offers almost no options: just the ability to stop and restart the service, set some exclusions, and look at quarantined files in case you had a false positive.

Running the program only takes up about as much system memory as keeping an average web page open in a Chrome browser, around 20 kilobytes of constant load. They don’t tell us precisely what it’s searching for, but they do say it works with a totally different detection type than the company uses for detecting viruses.

“Malwarebytes Anti-Ransomware uses advanced proactive technology that monitors what ransomware is doing and stops it cold before it even touches your files. It has no shot at encrypting. And it does not rely on signatures or heuristics, so it’s light and completely compatible with antivirus.”
– Malwarebytes

Malwarebytes is a well-known brand of antivirus software that specializes in stopping browser exploits and other malware installations. In recent years, it’s been rated as ‘Excellent’ by PC Magazine, and is used all over the globe as a “top 10” anti-virus solution.

The Malwarebytes software was originally created last year by a smaller company called EasySync Solutions. The company is owned by developer Nathan Scott, who developed the underpinnings of what would become Malwarebytes Anti-Ransomware. His work clearly impressed the Malwarebytes team, as they bought EasySync and hired Scott as project lead.

