It is not surprising to know that Internet-connected Medical devices are vulnerable to cyber attacks. There have been several cases in the recent past in which cyber criminals took over life-saving devices and held them to ransom.
Now, it has been identified that WannaCry ransomware, the heinous ransomware that has been on the loose for over a week now, has been reported to have infected not only computer systems but also medical devices that were connected to the overall network of healthcare organizations.
The British National Health System: As you may already know, a number of organizations were attacked by the WannaCry ransomware and victims are still being targeted. However, the British National Health System (NSH) was among the most heavily infected with a number of healthcare organizations having their systems hacked by the ransomware.
Initial reports said that it was mainly the management systems that were affected. Later, however, the Health Information Trust Alliance in the U.S, stated that medical devices had also been infected. This is because these devices were connected to the infected networks and had Windows running on them. Therefore, WannaCry was able to spread to these devices as such.
The screenshot of the hacked device was shared by Thomas Fox-Brewster of Forbes.
Advisories released to fight the ransomware: As part of warning the customers who might have such devices, ICS-CERT released a list of vendors who have issued security advisories so as to protect customers from the attack. Companies including General Electric, Rockwell Automation, Philips, Siemens and much more are part of the list.
Beckton, Dickson, and Company have provided a list of a number of affected devices along with guidelines as to how Windows-based systems can be secured. Similarly, Siemens has reported that it is working to fix the flaw in the SMB system of Windows.
According to Gary Quinn, President & CEO, FalconStor, a computer and data protection firm:
“Ransomware attacks can have severe consequences, as the NHS, and many other organizations, have experienced over last few days. The threat of another is imminent, it’s clear the WannaCry attacks are having a huge impact globally. Now, more than ever, organizations and public sector authorities will sit up and realize the importance of protecting data against similar threats. As well as training staff not to click suspicious-looking links, organizations need to deploy a disaster recovery solution and quickly. Once the malware infection is neutralized, the fastest way to recover from these attacks is to use a system-level snapshot of the system that allows near-instantaneous “rollback” of the system to a reasonable time prior to the attack. Older traditional systems only take one backup a week, or at best, once a day. It is important that new systems are implemented that will take multiple snapshots a day and allow 5-10-minute recovery of systems dramatically reducing the attacker’s impact to the business.”