430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|Apple Fixes WebKit Flaws in iOS and macOS, With Help From AI Tools|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|Apple Fixes WebKit Flaws in iOS and macOS, With Help From AI Tools|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

Medical Devices infected by WannaCry Ransomware in US hospitals

According to Forbes, the dreaded WannaCry ransomware has infected medical devices in at least two hospitals in the United States. WannaCry infected 200,000 computers across 150 countries in a matter of hours last week, it took advantage of a tool named “Eternal Blue”, originally created by the NSA, which exploited a vulnerability present inside the earlier […]

Wannacry medical devices

According to Forbes, the dreaded WannaCry ransomware has infected medical devices in at least two hospitals in the United States.

WannaCry infected 200,000 computers across 150 countries in a matter of hours last week, it took advantage of a tool named “Eternal Blue”, originally created by the NSA, which exploited a vulnerability present inside the earlier versions of Microsoft Windows. This tool was soon stolen by a hacking group named “Shadow Brokers” which leaked it to the world in April 2017.

Now security experts report the WannaCry ransomware has infected also medical devices as reported by Thomas Fox-Brewster on Forbes.

The journalist published an image of an infected medical device, likely a Bayer Medrad radiology equipment that is used to inject contrast agents inside the human body to aid in MRI scans.

“A source in the healthcare industry passed Forbes an image of an infected Bayer Medrad device in a U.S. hospital. The source did not say which specific hospital was affected, nor could they confirm what Bayer model was hacked. But it appears to be radiology equipment designed to help improve imaging.” states Forbes.”More specifically, it’s a device used for monitoring what’s known in the industry as a “power injector,” which helps deliver a “contrast agent” to a patient. Such agents consist of chemicals that improve the quality of magnetic resonance imaging (MRI) scans.”

wannacry ransomware medical devices

WannaCry ransomware on a Bayer radiology system – Source Forbes

The medical device was infected by the WannaCry ransomware because it was running on a version of the Windows Embedded operating system and supporting the SMBv1 protocol.

The name of the hospital where the device was infected was not reported to Forbes, Bayer confirmed it had received two reports from customers in the US.

According to a Bayern spokesperson, the affected hospitals faced limited problems.

“Operations at both sites were restored within 24 hours,” said the spokesperson. “If a hospital’s network is compromised, this may affect Bayer’s Windows-based devices connected to that network.”

Bayer plans to send out a Microsoft patch for its Windows-based devices “soon.”

According to Forbes, a source with the Health Information Trust Alliance (HITRUST) confirmed that WannaCry ransomware also infected and locked down Windows-based medical devices belonging to Siemens.

Siemens admitted that Healthineers products are vulnerable to WannaCry.

“Siemens Healthineers recognizes that some of its customers may be facing impacts from the recent major cyber-attack known as “WannaCry”.” reads the advisory published by Siemens. “Select Siemens Healthineers products may be affected by the Microsoft vulnerability being exploited by the WannaCry ransomware. The exploitability of any such vulnerability depends on the actual configuration and deployment environment of each product.”

Ransomware is a serious threat for the healthcare industry, this specific category of malware could infect systems at hospitals preventing the personnel from using any medical equipment and making ordinary operations (i.e. managing patient data or medical treatment schedules).

WannaCry affected 40 hospitals in the UK. let’s hope operators in the healthcare industry will understand the importance of cyber security for the industry.

[adrotate banner=”9″] [adrotate banner=”12″]

Pierluigi Paganini

(Security Affairs – WannaCry ransomware, healthcare)

[adrotate banner=”5″]

[adrotate banner=”13″]