THA Statement on Cyber Attacks

There is an ongoing worldwide cyber attack throughout Europe and Asia and it isn’t too hard to believe that it soon will spread to the United States.

At least 16 hospitals in the United Kingdom and many other organizations across a range of industries have been hit by a variant of “Wanna Decryptor” ransomware, which encrypts data on infected systems and demands a ransom be paid to decrypt the data. There are indications it may be spreading to systems via a security vulnerability that Microsoft recently patched.

THA is urging you to check with your IT departments and vendors to ensure all Windows systems in your facilities have applied security updates related to Microsoft Security Bulletin MS17-010.

This security update is rated critical for all supported releases of Microsoft Windows and resolves vulnerabilities in Windows Vista/7/8.1/10, Windows Server 2008/2008R2/2012/2012R2/2016.

Detailed information, including the Microsoft Updates from the MS Security Bulletin MS17-10, can be found here.

The malware is likely to initially be distributed via email which includes an encrypted and compressed file that when opened allows the ransomware to take over the system. Outpatient services should be alerted to this threat as well.

In an ironic twist, the majority of infected computers thus far are located in Russia, which has been accused of initiating cyber attacks in the past.

For more information, contact Bryan Metzger at THA, 615-401-7445.