Re: What your repository experience says For me, it was Y2K that really drove home the lesson: No one knows…
Morning Headlines 2/18/16
Hollywood hospital pays $17,000 in bitcoins to hackers who took control of computers
Hollywood Presbyterian Medical Center caves to the demands of hackers, paying a $17,000 ransom in bitcoin to restore access to its network. Hackers had initially demanded $3.6 million.
CMS and insurance lobby group America’s Health Insurance Plans agree on seven sets of clinical quality measures that will standardize quality reporting across multiple payers.
Cerner Downgraded to Hold at Everccore ISI, Price Target Cut to $52
Cerner stock continues to fall, closing 4.8 percent down at the end of trading Wednesday, after lowering its estimate on projected bookings and being downgraded from ‘buy’ to ‘hold’ by analysts.
The NHS’s future is digital – but not if we simply replicate poor paper processes
The Guardian analyzes the potential impact EHRs will have on NHS care delivery, noting that implementing improved business and clinical workflows within the new systems will ultimately dictate the value derived from the investment.
Wow, Hollywood Presbyterian Medical Center paid? There was no guarantee the key would be sent so that was gutsy, regardless the amount. Also, anyone know what EMR they’re on? They should have a DR site that shadows data and wouldn’t be hit by the encryption to allow them to switch and recover instead of this risky move. Wow, simply wow!
Can’t seem to find any indication anywhere what EMR they are on. Same with Titus Regional that was also down for 9-10 days.
HPMC is on McKesson
If your database is corrupted, the real-time mirror in the DR site will be corrupted as well. If malware encrypts your data, the real-time copy of your data will be encrypted as well. Your only hope would be to restore from backups prior to the encryption process, then roll the journal files forward over the restored backups.
If the encryption process ran with elevated permissions, as seems likely in this case, there is no reason to assume it would restrict itself to data files. If your application servers had also been encrypted, then the backup application itself might not be available to perform restores.
It would be educational if the hospital would be willing to be totally open about the extent of the attack, the methods they attempted to recover, and the process they followed to purchase and apply the decryption key.