Market research firm Forrester Research predicted late last year that ransomware would come to medical devices in 2016. Already in February, a California hospital has been targetted by the malware, knocking its medical devices and other connected devices in the hospital offline.
Hackers have managed to bring down medical devices and computing systems in a Los Angeles hospital for more than a week using ransomware, a form of malware that demands a payment before normal functioning is restored. Patients at Hollywood Presbyterian Medical Center have been sent to other hospitals in the wake of the attack. The hackers have encrypted the hospitals records and have reportedly demanded more than $3.6 million to restore them, according to Verge.
The CSO of the hospital believes that the attack could have been orchestrated by code that came into the hospital via a malicious link or attachment that, once open, spread itself throughout the hospitals' network.
The hospital is working with the LAPD and the FBI to identify the hackers and to circumvent the breach.
Late last year, Forrester Research had warned that ransomeware could give hackers remote control over a number of medical devices such as pacemakers, enabling them to extort users of the devices to pay them money to continue living. Forrester named ransomware attacks on medical devices as their top cybersecurity prediction for 2016.
The risk of such an attack, however, is likely relatively small at present and it would be difficult for hackers to implement widespread attacks. The risk, however, is likely growing as the level of wireless functionality incorporated in medical devices expands.
Ransomware has been a growing problem in recent years, infecting public schools, police departments, and thousands of personal computers in people's homes. In the latter case, hackers encrypt important files on a user's hard drive to prevent them from using them, thus enabling them to demand a ransom. Hackers often threaten to wipe off all of the files on the computers' hard drives if full payment isn't received.
FBI reports that such schemes cost U.S. consumers more than $18 million between April 2014 and June 2015.
Cisco had noted in a blog last year that ransomware is growing at an exponential rate.
|Learn more about cutting-edge medical devices at BIOMEDevice Boston, April 13-14, 2016.|
Like what you're reading? Subscribe to our daily e-newsletter.