WannaCry Ransomware Attack: Medical Devices Vulnerable To Exploit
Security researchers have revealed the WannaCry ransomware attack that infected more than 300,000 computers in 150 countries does not just affect Windows machines but can also exploit medical devices.
The Department of Homeland Security’s Industrial Control Systems Cyber Emergency Response Team and several medical device vendors have issued warnings to consumers about the possible risk the ransomware may pose to their devices.
Read: NHS England Cyberattack: Hospitals Throughout UK Hit By Ransomware
German electronics manufacturer Siemens told customers Tuesday some of its Healthineers products used in clinical environments can be affected by the same vulnerability that allowed WannaCry to spread.
At-risk devices include the company’s Multi-Modality Workplace — an imaging platform used in hospital radiology departments — and several of its MRI systems. The company issued a security bulletin disclosing potential security concerns for both products this week and is advising customers to isolate the products to prevent infection from other vulnerable computers on the same network.
The Health Information Trust Alliance issued a report this week that suggested Siemens devices were compromised during the WannaCry infection that began spreading last week.
The alliance also implicated German company Bayer, suggesting there was evidence devices from its subsidiary MedRad were also infected. MedRad produces devices that perform CT, MRI and PET scans.
The alliance also suggested several other device manufacturers may be at risk, but opted not to name them.
Read: NSA Disclosed Vulnerability To Microsoft After Learning It Was Stolen By Shadow Brokers
It is not clear if devices from Siemens or Bayer were present at the National Health Services hospitals in England that were affected by the spread of WannaCry. Many of the hospitals were forced to turn away emergency patients and stopped carrying out certain procedures due to the infection.
Siemens and Bayer were not alone in providing disclosures regarding potential WannaCry vulnerabilities. Medical device manufacturer Becton, Dickinson and Co. also warned that some of its products support Windows and may be at risk though it did not name specific devices.
The potential compromise of medical devices is just the latest revelation in just how widespread the WannaCry attack is.
It was initially believed only Windows machines were at risk as the attack took advantage of a hacking tool created by the U.S. National Security Agency to exploit EternalBlue, a remote code execution attack that targets a vulnerability in Windows Server Message Block version 1 (SMBv1).
After the initial wave of the WannaCry attack had passed, it was revealed the same exploit was also used to create a botnet of compromised computers that were used to mine for a cryptocurrency called Monero. That attack is believed to be larger in scale than WannaCry, according to security firm Proofpoint.
The attacks have managed to succeed despite a patch specifically to combat the very vulnerability in SMBv1 that was issued by Microsoft weeks ago. The NSA disclosed the vulnerability to the computing giant after it was stolen from the government agency by a group of hackers known as the Shadow Brokers.
© Copyright IBTimes 2024. All rights reserved.