CNN, KrebsOnSecurity.com and many security firms reported this morning that hospitals in the UK were crippled Friday by a large-scale cyber-attack that forced operations to be canceled and ambulances to be diverted. Reportedly health workers have been locked out of their systems and have seen messages demanding ransom payments to regain access.
The ransomware has spread across the NHS healthcare network and has initially been identified as a variant of a previous ransomware exploit call Wanna Decryptor. Brian Krebs reported this morning that it may be spreading to vulnerable systems via a security hole in Windows that was recently patched by Microsoft. If your computers aren’t up-to-date with the latest Windows patches you may be vulnerable!
Unlike the U.S. where most healthcare systems are independent, the fight against this malware has been jointly taken up by NHS England, the Department of Health and the National Cyber Security Centre to coordinate the fight against this malware.
It’s important to note that while the initial news reports identified healthcare organizations in England as the targets, it is also affecting many other business sectors across the globe now so you should all be conscious of the threat.
This is an evolving situation so we’ll try to keep you updated.
UPDATE 1 – IT’S SPREADING RAPIDLY AROUND THE GLOBE
The scope of this threat has now expanded to 74 countries and beyond just healthcare organizations. It’s got a name too now – WannaCry! It is impacting organizations large and small so it’s important for you to update your patches and A/V ASAP.
UPDATE 2 – IT CAN SPREAD ITSELF ON NETWORKS AUTOMATICALLY
This malware is unlike earlier ransomware in that it will attempt to spread itself across a network once a computer is infected. “It has a ‘hunter’ module, which seeks out PCs on internal networks,” Kevin Beaumont, a British security expert, said. “So, for example, if your laptop is infected and you went to a coffee shop, it would spread to PCs at the coffee shop. From there, to other companies.” He also stated that this may be the biggest malware exploit he’s ever seen!
If you encounter this or any other similar event and need any help, please don’t hesitate to give us a call at (847) 639-7000.
