by
Thomas Dworetzky, Contributing Reporter | May 18, 2017
Another shoe appeared to have dropped in the possibly-North-Korean-tied WannaCry ransomware attack: beyond PCs, it looks like actual medical devices may have been infected, as well.
A
report in Forbes magazine has revealed “an image of an infected Bayer Medrad device in a U.S. hospital.”
The unnamed source who had sent the image to the magazine didn't identify either the institution or the model of the Bayer machine. But, according to the magazine, it looked to be a Bayer power injector.
Bayer confirmed to the publication that two reports from U.S. customers had come in concerning devices infected with ransomware. “Operations at both sites were restored within 24 hours," the spokesperson said. "If a hospital's network is compromised, this may affect Bayer's Windows-based devices connected to that network."
The company advised customers to work with Bayer's Technical Assistance Center "to ensure continued support of contrast-enhanced radiology procedures which use Bayer power injectors."
The good news, according to Beau Woods, deputy director of Cyber Statecraft Initiative at the Atlantic Council, is that although the hacking might disable the machines, it was unlikely that patients would be put at risk. "I seriously doubt Windows is controlling any of the safety functions," he told Forbes.
He also noted on Twitter that when such infections cause medical device outages, this leads to a rise in resource needs, delays in care, and leads to more clinical mistakes. “The harm can go unseen unless you look for it," he tweeted.
The Bayer devices are the first reported cases of medical device operation impacted by ransomware, according to Forbes.
As the hacking code is further investigated by cybersecurity experts, the thinking now is that there was North Korean involvement in the attack.
As reported last week when the attack broke, the tools were first leaked by a group known as the Shadow Brokers.
Since then there has been discovery, by BAE Systems,of "multiple overlaps between the WannaCry malware and that controlled by the Lazarus Group, which the firm associated with North Korean activity,” said the magazine.
Warnings from health care firms have come out in recent days, urging clients to be on alert – and to announce that they are working on ways to protect against infection.
Another possible victim of the attack is Siemens Healthineers, although the company would not “confirm or deny reports” to Forbes.
