“A worldwide ransomware attack hit organizations across multiple continents Friday, with preliminary evidence showing infections in at least 14 countries, according to Reuters.
No hospitals in the United States have reported experiencing an attack as of 2:30 p.m. CST, however, the ransomware has brought down operations at multiple facilities in the U.K.’s national healthcare system. The main U.S. target thus far is FedEx.
Here are six things to know.
1. Security experts report the ransomware variant exploits a vulnerability discovered by the National Security Agency in the U.S., according to The New York Times. Many organizations, including hospitals, had not appropriately updated their systems to address this vulnerability.
2. The ransomware was distributed via email, in which users were sent an encrypted file that, once loaded, would infect their system, The New York Times reports. Affected organizations report seeing similar messages that request roughly $300 in Bitcoin to unencrypt their files.
3. Organizations in North America, Europe and Asia have all been affected by the ransomware attack, according to Forbes. MalwareTech, a security researcher, reported 1,600 organizations in the U.S. have been infected with the ransomware.
4. One of the most prominent attacks hit healthcare facilities affiliated with the U.K. National Health Service. NHS reported 16 affected organizations, as of 2:30 p.m. CST. The ransomware — which locked healthcare workers out of IT systems, including patient files — led NHS to cancel routine operations and divert ambulances, according to The Financial Times.
5. In a statement posted on NHS Digital — which said the malware variant is called Wanna Decryptor — NHS emphasized the attack “was not specifically targeted at the NHS and is affecting organisations from across a range of sectors.” For instance, the ransomware hit Telefonica, a major telecommunications company based in Spain, according to Reuters.
6. In the United States, FedEx was reportedly hit by the ransomware variant. In a statement obtained by The Commercial Appeal, FedEx spokesman Jim McCluskey said: ‘Like many other companies, FedEx is experiencing interference with some of our Windows-based systems caused by malware. We are implementing remediation steps as quickly as possible. We regret any inconvenience to our customers.’”
The foregoing quote from May 12, 2017 Becker’s Health IT & CIO Review article by entitled “Worldwide ransomware attack hits hospitals, FedEx: 6 things to know” (http://bit.ly/2pJ4lJr) serves as a current and stark reminder that the cyber world is under perpetual attack by sophisticated combatants, and that the best available cyber-security systems and staff are required to mount an adequate defense. Apart from immediate application of operating system software patches provided by the vendors of such software (e.g. — Microsoft), which activity is not adhered to by many healthcare provider organizations; and also in light of these organizations’ inability to maintain the latest and greatest systems and the best and brightest staff, owing principally to budget limitations; therefore, the most cost-effective strategy is to move critical systems to the Cloud.
Cloud service providers (CSPs) have built their business on the provision of cloud-based data centers (i.e. — Internet-accessible IT infrastructure, systems and software managed by system, security and other highly qualified professional staff) in a continually available, secure and scalable manner. Healthcare provider consideration of the approach further defined and described by the Cloud Healthcare Appliance Real-Time Solution as a Service (CHARTSaaS)
integrated development environment (IDE) reference architecture (RA) will provide beginning justification for and guidance in Cloud computing adoption.
Please validate this proposition to your own satisfaction by reading the white paper at http://bit.ly/2nhwqpd and then by reviewing the details of CHARTSaaS and the CHARTSaaS RA in these presentations:
Healthcare providers will benefit significantly from appreciating and then applying a CHARTSaaS RA-compliant IT solution. To do so will mitigate medical mistakes (currently the third leading cause of patient deaths. per Makaray and Daniel http://www.bmj.com/content/353/bmj.i2139); thereby minimizing patient adverse events and optimizing clinical case outcomes while maximizing the cost-effectiveness of care and treatment, and also accelerating the accrual and facilitating the application of medical knowledge.