Publication Date: May 24, 2017
Samsung is aware of the current ransomware campaign known as WannaCry which has attacked a large number of organizations worldwide, including healthcare providers. The malware encrypts (locks) computers and demands a payment to unlock the infected system. According to Microsoft, ransomware attacks have been observed to use common email phishing tactics with malicious attachments to infect devices. Once launched, the malware can further spread to adjacent systems on a network by exploiting a Windows vulnerability (in SMBv1). Further information on this Windows vulnerability can be found on the Microsoft website at: Microsoft (MS) Customer Guidance for WannaCry Attacks. The vulnerability to this ransomware was identified and a patch was released by Microsoft on March 14, 2017 (MS17-010) for Microsoft supported versions of Windows.
Samsung is taking all available precautions including preventative measures such as installation of the latest Microsoft Security Patches for all three imaging modalities – computed tomography, digital x-ray and ultrasound. Separate technical service bulletins were generated for this purpose. Certain Samsung product configurations do not use the vulnerable network ports (137, 138, 139, 445) and as such are not exposed to this Windows vulnerability provided the product is used in compliance with the proper indications and instructions for use.
Our service team is closely monitoring the situation and will continue to work with our customer base to address this malware event and take appropriate actions to mitigate for all Samsung imaging products. Samsung is committed to ensuring robust product security resources and support for our healthcare customers, and their patients who rely on them. We continue to engage with the medical device industry, security research community, and government agencies to monitor the situation, respond accordingly, and meet ongoing healthcare cybersecurity challenges.
For assistance or questions with malware as it pertains to your Samsung product, please contact your local service representative. If you become aware of a vulnerability or other security concern involving a Samsung product, please notify us immediately. We take these threats seriously, and we appreciate your prompt attention to these matters.
The United States Computer Emergency Readiness Team has issued an alert with more information on this issue and potential mitigations.