This was a very serious situation; ambulances were diverted, electronic medical records disappeared, digital communications were unavailable, and there was zero access to X-ray or CT scan information. Radiology and oncology departments were also all but shut down. In other words, all the normal functions for a hospital to perform effectively were seriously disrupted.
For a hospital to be affected in this way is the quintessential nightmare, the Ransomware was still spreading and both the hospital and law enforcement were helpless to do anything about it. So, in the end, paying the ransom was really the only viable option.
Fortunately, the crooks in this case were at least true to their word (honest crooks?) and, although rewarding these ********s is definitely not normally advised, at least the hospital’s computer system is now in the process of being restored to normal functionality.
In what could arguably be described as a silver lining in decidedly gloomy cloud, it turns out the earlier reports of a massive ransom demand were grossly exaggerated. According to hospital CEO Allen Stefanek, the ransom was much smaller than previously reported – amounting to 40 bitcoins, the equivalent of around $17,000:
The reports of the hospital paying 9000 Bitcoins or $3.4 million are false. The amount of ransom requested was 40 Bitcoins, equivalent to approximately $17,000. The quickest and most efficient way to restore our systems and administrative functions was to pay the ransom and obtain the decryption key. In the best interest of restoring normal operations, we did this.
Considering the critical nature of medical facilities, the fact that the hospital really had no other option than to pay up, and the large sum of money involved, this may well turn out to be a defining moment in Ransomware history.