Examining crisis management for an unprecedented ransomware attack
Our last post discussed power grid hacks and the potential they hold to wreak havoc, but what about a real live hack that’s happening now? According to reports, Hollywood Presbyterian Medical center has been locked out of its own computer network for more than a week now. The cause? A nasty bit of ransomware – malware that hijacks and locks systems until the victim pays up. In this
case the ask is huge, reportedly sitting at 9,000 Bitcoin (approximately $3.6 million).
Oh, and did we mention that there’s no guarantee the hackers responsible can or will actually make Hollywood Presbyterian whole if they get the loot?
With such a significant crisis ongoing and media coverage creating nationwide interest one would expect Hollywood Presbyterian to be in full-blown crisis management mode. But, surprisingly, looking at the hospital’s website, Facebook, and Twitter accounts yields zero information about the situation. One of our core beliefs is that, in the absence of information, damaging rumor and innuendo are free to run amok. Beyond that, failing to communicate means that others are free to tell your story, and you quickly lose your position of power as the go-to source of information.
Here’s the core of it all – right now Hollywood Presbyterian looks completely incompetent in the eyes of the public. Systems are majorly compromised and the hospital is sitting silent except for confirmations that it is working with law enforcement, leaving stakeholders to wonder what exactly is happening with their information, if it’s safe to head to the hospital for care, and if perhaps the true situation is even uglier than reports state. Hacks happen, but a complete failure to keep interested parties informed and maintain open lines of communication speaks to bigger problems than a virtual intrusion, a perception that will continue to affect business after the attackers are long gone.
The BCM Blogging Team
www.bernsteincrisismanagement.com
Update: Hollywood Presbyterian Medical Center has released a statement, which reads in part:
The reports of the hospital paying 9000 Bitcoins or $3.4 million are false. The amount of ransom requested was 40 Bitcoins, equivalent to approximately $17,000. The malware locks systems by encrypting files and demanding ransom to obtain the decryption key. The quickest and most efficient way to restore our systems and administrative functions was to pay the ransom and obtain the decryption key. In the best interest of restoring normal operations, we did this.