T patient lying on the emergency room table in front of Paul Pugsley was having a stroke. Time was running out. Pugsley, an emergency medicine resident at Maricopa Medical Center, knew he needed to send the patient for a CT scan. But when Pugsley looked over at the computer screen at the side of the room, he saw a pop-up message demanding bitcoin payment. A few minutes later, he was told that the same message had shut down the scanner — he’d have to help the patient without knowing whether the stroke was caused by a bleed or a clot, information that’s usually vital to the course of treatment. After a few minutes of frantic workarounds, the patient — actually a medical test dummy — was wheeled out the room (prognosis: survival, but serious brain damage). The flashing ransom note was part of a simulation, designed to expose physicians like Pugsley to the very real threat of cyber attacks on their hospitals.