NEWS

Jun 15, 2017

"WannaCry" Ransomware Malware Notice

Overview

Shimadzu Medical Systems USA is aware of the recent cyber-attack known as WannaCry Ransomware and the significant impact that it can have on healthcare institutions. This malware exploits a significant Microsoft vulnerability spanning multiple operating system generationsi. Several of Shimadzu’s medical devices could be affected by this vulnerability.

The impact of this vulnerability and malware such as the WannaCry ransomware depends largely on the environment and applicable mitigating factors that may be implemented. Shimadzu Medical Systems USA advises network isolation when possible, ensuring systems have access to only the network resources that are necessary.

Remediation of this vulnerability

Typically, systems are installed in a closed, secured network that are not susceptible to internet or phishing threats. However, the WannaCry Ransomware cryptoworm can mobilize on a network once penetrated by exploiting the Microsoft vulnerability ii. According to the Microsoft security bulletin, patches (KB4012212 or KB4012598) should be applied immediatelyiii. For systems in which patches cannot be applied, US-CERT recommends disabling SMB v1 and applicable portsiv. Shimadzu Medical Systems USA issued a security bulletin on May 15 which described the appropriate remediation steps for our products, using the Microsoft patches whenever possible.

Mitigating factors

This exploitability of this vulnerability can be can be minimized by implementing solutions implementing firewalls, or active threat detection. Shimadzu Medical Systems USA advocates a defense in depth or layered security approach and provides solutions optimized for both security and performance. For more information contact your local AUTHORIZED Shimadzu Medical Systems Dealer. If you are uncertain of that contact point, please call us in the SMS USA Torrance, California Office: 1-800-228-1429, then select “0”.

Additional information

Protecting networks from constantly evolving threats can be difficult. More information regarding ransomware and this threat can be found in the FBI flash linked below:

http://www.himss.org/sites/himssorg/files/flash-fbi-wannacry.pdf

For additional questions or concerns, contact Shimadzu Medical Systems USA using:

ia@shimadzu-usa.com

Phone: 1-800-228-1429

  1. https://www.us-cert.gov/ncas/alerts/TA17-132A
  2. https://blogs.technet.microsoft.com/mmpc/2017/05/12/wannacrypt-ransomware-worm-targets-out-of-date-systems/
  3. https://technet.microsoft.com/en-us/library/security/ms17-010.aspx
  4. https://www.us-cert.gov/ncas/current-activity/2017/01/16/SMB-Security-Best-Practices
Top of Page
CONTACT