I've had those cyber "scams" whereby the person says they have hacked my files (or given my computer a virus) and will only unlock the files or fix the viruses for a sum of money, though this has really happened to people and companies with security breaches. The best thing to do with these people is to never pay their demands--ever. Just fix the breach.
Medical devices are still running Windows XP! How do you back up an ICU status monitor or for that matter, protect it from a cyber intrusion? Also ask yourself why, oh why is it necessary to have Internet assess for such infrastructure devices (not just limited to hospitals)?
Usually medical facilities have internal networks--I thought? But when there are Internet portals for patients, there's Internet access I suppose. I've been notified of security breaches from all sorts of credit card companies and such, and as consumers we all just have to live with it and sit in our frustration, whether these companies pay the hackers or not. It is just really unfortunate.