The United States Computer Emergency Readiness Team (US-CERT) has received multiple reports of ‘WannaCry’ (also known as ‘WannaCrypt’) ransomware infections in several countries around the world and in the United States. Some of these infections are impacting patient access to care. Ransomware is a type of malicious software that infects a computer and restricts users’ access to it until a ransom is paid to unlock it. Individuals and organizations are discouraged from paying the ransom, as this does not guarantee access will be restored.
In addition to the information provided below, the AMA has resources to help physicians conduct a checkup of their systems, and to secure their networks and office computers. Additionally, the AMA has been engaged with the administration since the cyberattack and will continue to monitor the situation to update you as more information becomes available. In the meantime, please let us know by replying to this email whether your members have been impacted by the WannaCry infection.
What Should I Do Now?
Ransomware can infect computers and medical devices. The WannaCry infection affects systems running Windows and spreads easily when it encounters unpatched or outdated software. Physicians should ensure that their computer’s operating systems and anti-virus software are updated and patched:
In addition, physicians should contact their medical device vendors and manufacturers to ensure that they have patched their device software. Medical device manufacturers can always update a medical device for cybersecurity; the FDA does not typically need to review changes made to medical devices solely to strengthen cybersecurity.
How to Help Protect Yourself from Downloads and Email-Based Ransomware
Ransomware can be delivered via email by attachments or links within the email. Attachments in emails can include documents, zip files, and executable applications. Malicious links in emails can link directly to a malicious website the attacker uses to place malware on a system. To help protect yourself, be aware of the following:
Example of Ransomware
This is an example of what the ransomware may look like:
What to Do If You Have Been Infected
If your organization is the victim of a ransomware attack, contact law enforcement immediately.