A new ransomware virus, Petya/NotPetya, was released early last week infecting many networks around the world. Similar to the “WannaCry” virus released several weeks ago, the Petya/NotPetya virus encrypts the records of infected Windows computers, rendering the machines unusable until a ransom is paid to unlock it. However, even payment of the $300 Bitcoin ransom does not guarantee that access will be fully restored.
This virus has the power to cause significant downtime in a hospital or practice reliant on modern technology to conduct business. One hospital system in Beaver, Pa. was forced to cancel some operations and revert to paper record keeping when the Petya/NotPetya virus froze computers across two hospitals and satellite locations.
The Petya/NotPetya ransomware takes advantage of vulnerabilities in Server Message Block (SMB). The United States Computer Emergency Readiness Team (US-CERT) encourages users and administrators to review their article on the Microsoft SMBv1 Vulnerability and the Microsoft Security Bulletin. For general advice on how to best protect against ransomware infections, review US-CERT Alert TA16-091A.
What to Do in the Event of a Cyberattack
The U.S. Department of Health & Human Services Office for Civil Rights provides guidance on what to do in the event of a cybersecurity incident including a cybersecurity checklist, infographic and ransomware guidance available here.
Contact your local LAMMICO Risk Management and Patient Safety representative or dial 504.841.5211 for consultation or additional information.