ways to access their computers. In the meantime they used backup
files stored away in their basement and had to rebuild many patients'
medical and family histories.
"We were able to function for those days," says Mr. Rhodes, "but it
was a very slow 3 days."
The center eventually paid the ransom in full with help from cyber
insurance they luckily had in place, but even the payment process
proved to be long and tedious. Mr. Rhodes says the ASC had to pay
for bitcoins — an online currency that's difficult to track and frequent-
ly used by ransomware hackers — which they then deposited into an
online "purse." The purse served as a sort of online middleman, letting
the hackers retrieve the cryptocurrency without being tracked.
Though the center was relieved to discover the hackers had likely
not stolen their patients' information, the whole ordeal left them shak-
en.
"We feel better now, but it's like
anything," says Mr. Rhodes. "How
safe does anybody feel?"
Their story is one that's echoed
thousands of times across the med-
ical community. Every surgical
facility, from major hospitals to
small surgery centers, is a desir-
able target for hackers — and a
vulnerable one at that. They can
hold your data ransom, disable
your computer network or, in one
of the worst-case scenarios, access
your patients' private information
and sell it online.
N O V E M B E R 2 0 1 7 • O U T PA T I E N T S U R G E R Y. N E T • 4 3