May 15, 2017

Global Ransomware Attack Makes Healthcare Organizations Wanna Cry

+ Follow Contact

Send

Embed

As has been widely reported, on May 12, 2017, organizations around the world, including Britain’s National Health Service, found their data held hostage by actors using a new variant of ransomware called WannaCry. According to news reports, 200,000 computers in more than 150 countries have been hit by the cyberattack which appears to be spread by phishing emails. There are fears that the number of affected computers could increase significantly when employees start the new work week and turn on their computers. To make matters worse, cybersecurity experts are warning organizations to be alert for new variants of the ransomware that may be released in the coming days.

On Friday, the U.S. Computer Emergency Readiness Team (US-CERT) and the U.S. Department of Health and Human Services Office for Civil Rights (OCR) issued warnings to organizations, including those in the healthcare sector, about the global ransomware attacks in which victims are asked to pay a $300 Bitcoin ransom for access to the data being held hostage. Because healthcare organizations require immediate access to patient information and typically have underfunded data security initiatives, they are particularly vulnerable to ransomware attacks. By Friday afternoon, OCR said there was evidence that the cyberattacks had affected U.S. organizations.

According to published reports and US-CERT, the WannaCry ransomware may be exploiting a vulnerability in Microsoft Server Message Block 1.0 (SMBv1). In March 2017, Microsoft released a patch to address the vulnerability. However, organizations that have not yet applied the patch are susceptible to the WannaCry ransomware. To mitigate this vulnerability, US-CERT encourages users and administrators to review the US-CERT article on Microsoft SMBv1 Vulnerability and the Microsoft Security Bulletin MS17-010.

Additional information about the WannaCry ransomware, including preventive measures, is available in U.S.-CERT Alert TA17-132A, Indicators Associated With WannaCry Ransomware, available here.

This incident is a reminder to healthcare organizations of the importance of:

timely applying patches for identified computer system and software vulnerabilities;
maintaining backups of all critical systems and ensuring the backups work correctly; and
frequently reminding employees to remain vigilant for phishing emails.

We will continue to monitor this developing story and publish updates as necessary.

Send Print Report

DISCLAIMER: Because of the generality of this update, the information provided herein may not be applicable in all situations and should not be acted upon without specific legal advice based on particular situations.

Written by:

Akerman LLP - Health Law Rx

Contact + Follow

Elizabeth Hodge

+ Follow

less

PUBLISH YOUR CONTENT ON JD SUPRA NOW

Increased visibility
Actionable analytics
Ongoing guidance

Learn More

Published In:

Cyber Attacks

+ Follow

Cyber Crimes

+ Follow

Data Breach

+ Follow

Hackers

+ Follow

Health Care Providers

+ Follow

Hospitals

+ Follow

OCR

+ Follow

Phishing Scams

+ Follow

Ransomware

+ Follow

US-CERT

+ Follow

Communications & Media

+ Follow

Health

+ Follow

Privacy

+ Follow

Science, Computers & Technology

+ Follow

less

Akerman LLP - Health Law Rx on:

Global Ransomware Attack Makes Healthcare Organizations Wanna Cry

Latest Posts

Written by:

PUBLISH YOUR CONTENT ON JD SUPRA NOW

Published In:

Akerman LLP - Health Law Rx on:

"My best business intelligence, in one easy email…"