Cyber Attackers Who Broke Into MedStar Want Big Payout
BALTIMORE (WJZ) -- New information after hackers take MedStar Health's massive database hostage. The shutdown is still causing chaos, and there are fears there may be more attacks.
WJZ Investigator Mike Hellgren has the warning from the FBI.
The FBI put out an urgent warning to the business community about a nasty new strain of what's called "ransomware" that can quickly infect entire computer systems. WJZ has learned the FBI identified the attack here as a ransomware attack within hours after it happened.
A screenshot, reportedly from an infected MedStar Health computer, shows a message demanding money to unlock data.
MedStar says its computers are slowly coming back online from the cyber attack, but the major health care provider will not say whether it has or will pay the criminals holding it hostage.
WJZ has obtained an email sent from an FBI source, confirming that something called "ransomware" is the cause.
UMBC professor Dr. Anupam Joshi explains how ransomware hijacks the computer system, demanding money in exchange for what's called a "key" to electronically allow access again.
"Unbreakable. It's simply unbreakable," Dr. Joshi said.
WJZ has learned those behind the MedStar attack are asking for 45 bitcoins -- the equivalent of $18,526.
Bitcoins are a digital currency popular in the criminal underground because they're hard to trace and easy to use worldwide.
The hackers threatened: "After 10 days we will remove your private key and it's impossible to recover your files."
The ransomware likely infected the computers when someone opened an email attachment.
"You're kind of out of luck, short of paying the people," said Dr. Joshi.
That's exactly what other recently attacked hospitals have done, but it sets a troubling precedent.
"Many hospitals have not invested in security, so they're just more vulnerable. But now that we have an example of a hospital willing to pay, we are going to see more ransomware than ever," said Dr. John Halamka, chief technology officer at Beth Israel Deaconess Health Systems in Boston.
MedStar says three of its main patient computer systems are moving toward full restoration, but gave no timeline.
MedStar says it does not believe any patient information has been compromised.
