Hospital data held hostage: This must not stand

Who in the world would wrap his or her fingers around the throat of a hospital, potentially impeding caregivers from doing their best to save and improve hundreds of lives, just to make off with a few thousand lousy dollars?

A growing number of bold and utterly unscrupulous hackers, evidently.

In the wake of February’s high-profile hostage crisis at Hollywood Presbyterian Medical Center—the criminals seized no people but, instead, took control of data systems until they had a ransom payment of around $17,000 in their hands—one shocking incident is looking like it may be just the start of a vexing trend in the making.

Cybersecurity experts have been saying hospitals are vulnerable to this nasty new twist in the data-breach playbook for a few reasons.

Hospitals are big.

They have lots of sensitive yet insufficiently protected data.

And, in the eyes of a robber, they have plenty of money to part with.

Apparently, the bad guys are demanding relatively small ransoms, in the thousands rather than millions of dollars, because this crude calculus favors payment over stalemate.

Sadly, it looks like the bad guys are onto something there.

Governments can sustain a policy of “No negotiations with terrorists” as a long-term strategy for waging war against guerilla forces.

Hospitals invaded by cyber hostage takers, not so much.

It really is a sick scheme these villains have cooked up.

May the best and brightest cybersecurity minds find a way to put it down.

And may they succeed before a series of incidents has a chance to become a crime wave—or, at least, before ransom payments become just another cost of doing business for healthcare providers.