WannaCry Ransomware Starts Infecting Medical Devices Running Windows Embedded

It looks like there is another major development regarding the WannaCry ransomware attack. Instead of going after personal and enterprise computers, the malicious software is now infecting medical devices as well. That is a very troublesome development, as radiology equipment infected with ransomware becomes entirely unusable. It is unclear how many medical devices are affected by WannaCry at this point.

Medical Devices Are Not Safe From WannaCry

It is somewhat disconcerting to learn medical devices are now vulnerable to WannaCry ransomware attacks as well. A picture of an infected radiology machine has surfaced on the Forbes website earlier this week. It is unclear if this is just one particular infection, or if multiple medical devices are at risk of dealing with a malicious software attack. If it is the latter, things are not looking good by any means.

The main reason why this particular device was successfully infected by WannaCry is because it runs the Windows Embedded operating system. Up until this point, no one considered that particular operating system to be vulnerable to SMB exploits as well. Unfortunately, it appears that is the case. Microsoft may issue a security update to fix this problem, although it is doubtful these machines will install it automatically.

Quite a few medical equipment vendors are growing concerned regarding this new development. It is unclear which particular hospital was infected by WannaCry and whether or not other institutions are at risk as well. The machine in question is a Bayer Medrad,  and the manufacturer confirmed two reports regarding WannaCry infections have been received so far. Two reports may not sound like a lot, but not every hospital reports such incidents immediately either.

It is believed Siemens medical devices may be susceptible to WannaCry ransomware attacks as well. This information was shared by the Health Information Trust Alliance, and later on confirmed by an official source. It appears Siemens Healthineers products run a version of the Windows operating system still suffering from this SMB exploit. It is unclear how many Siemens medical devices may have been affected at this time, though.

Unfortunately, the problems don’t end there, as Smiths Medical, Medtronics, and Johnson  & Johnson all issued security alerts as well. While none of these machines have been officially infected with WannaCry ransomware at this time, it is still too early to gauge the full effect of what this malicious software is capable of. More specifically, the bigger question is how this software can be removed from medical devices without having to pay the ransom demand. That seems virtually impossible right now.

It is not the first time medical institutions have to deal with ransomware attacks. In most cases, these attacks are directed at staffers’ computers, rather than the medical equipment itself. WannaCry is a clear example of how things can go from bad to worse in a heartbeat, especially in environments where a lack of cybersecurity will create more problems in the future. It is troubling the medical sector is still unprepared for these attacks, that much is certain.

If you liked this article, follow us on Twitter @themerklenews and make sure to subscribe to our newsletter to receive the latest bitcoin, cryptocurrency, and technology news.

One Response

  1. PragueBob May 20, 2017

Leave a Reply