
This forum thread needs a solution.
Kudos0

Is Not Over!! WannaCry??

The healthcare industry was likely to be the next frontier for major cyber attacks. A WannaCry attack is one kind of ransomware attack that could cause serious damage to companies. Companies without backups indeed lost data due to the use of asymmetric encryption. My questions: what are the basic measures that companies should execute to have a better chance of staying safe? And why was this attack so devastating to companies?

Replies

Kudos2 Stats

Re: Is Not Over!! WannaCry??

You said it in your own post. BACK UP YOUR DATA. And be sure you have fully updated your Windows installations and run good antivirus software. Use internet best practices like not surfing to unknown sites, and do not click on links in emails.

Things happen. Export/Backup your Norton Password Manager data.
Kudos0

Re: Is Not Over!! WannaCry??

Thank you for your time

I agree with your opinion. But backing up data will lead to data storage issues in healthcare, especially regarding IT expertise, replication, and knowledge base.

As we know, the patient record is confidential to other parties. So, what is your opinion on data storage issues and how to prevent this problem in the future?

Kudos1 Stats

Re: Is Not Over!! WannaCry??

Backups can be encrypted and sensitive data absolutely must be encrypted.  Aside from the problem of ransomware, medical data needs to be backed up anyway to prevent loss of information due to system failure, natural disasters, and all the other things that can wipe out digitally stored information.  The more critically important the data, the more essential it is to have backups....  Plural, backups.

Kudos0

Re: Is Not Over!! WannaCry??

I thought I heard that most of those machines were running Windows XP.  That isn't the safest option.

A little bit of knowledge is... well a little bit of knowledge.
Kudos0

Re: Is Not Over!! WannaCry??

Agreed. 

To do a backup, there are a lot of things to measure before implementing. Budgeting is needed not only for maintaining the system after development; hardware and software also need to be decided first (e.g., migration). In your opinion, what are the current hardware and software that can be used to back up patient data in a health environment? And how do policy and law help to prevent cybercrime in a technology environment?

Kudos0

Re: Is Not Over!! WannaCry??

Yes. I also heard about that, especially about EternalBlue.

EternalBlue is a vulnerability on Windows systems with outdated versions of the Windows File and Printer services (SMB).

So, as you said "that isn't the safest option", what is your opinion on how to protect Windows XP from this ransomware attack?

Kudos2 Stats

Re: Is Not Over!! WannaCry??

In your opinion, what are the current hardware and software that can be used to back up patient data in a health environment?

If you are in charge of this kind of an operation, you need to contact a security consultant. They are professionals that know the industry and can advise you on the best course of action. Asking in a public forum, you may get many suggestions, but you have no way of knowing who is making these suggestions. 

what is your opinion on how to protect Windows XP from this ransomware attack?

Purchase new hardware that will come with a current and more secure version of Windows.

Things happen. Export/Backup your Norton Password Manager data.
Kudos1 Stats

Re: Is Not Over!! WannaCry??

I agree with peterweb.  Patient information is a very specialized type of data - extremely sensitive and governed by laws (backup needs to be HIPAA compliant).  You would be best advised to consult an expert in the field of medical data storage.

https://www.hbma.org/news/public-news/n_the-truth-about-hipaa-hitech-and...

Kudos2 Stats

Re: Is Not Over!! WannaCry??

raisya:

EternalBlue is a vulnerability on Windows systems with outdated versions of the Windows File and Printer services (SMB).

So, as you said "that isn't the safest option", what is your opinion on how to protect Windows XP from this ransomware attack?

Hi raisya:

Microsoft released special out-of-band security updates for Win XP SP3 and other unsupported operating systems for EternalBlue as well as three additional NSA-leaked exploits EnglishmanDentist, EsteemAudit and ExplodingCan.  These updates were not released via Windows Update and standalone .msu installers must be downloaded from the Microsoft Update Catalog and applied manually.  Go directly to the last paragraph of this post for instructions on where to download these security updates for Win XP SP3.
_______________________________

Microsoft automatically delivered a patch for the EternalBlue exploit for supported operating systems (Vista SP2 and higher) via Windows Update with the March 2017 Patch Tuesday updates (MS17-010: Security Update for Microsoft Windows SMB Server, released March 14, 2017).  This was more than a month before the WannaCry ransomware was released, so if Vista SP2 and higher computers were patched in April 2017 they should not have been susceptible to WannaCry.

As far as I know the WannaCry ransomware did not originally target Win XP computers (see Woody Leonhard's comments in his AskWoody.com article How to make sure you won’t get hit by WannaCry/WannaCrypt), but hackers are now using the EternalBlue exploit to deliver other malware.  For this reason, patches for the EternalBlue exploit were posted in May 2017 for Win XP / Win 8 / Windows Server 2003 operating systems in the Microsoft Update Catalog.  Download links for standalone .msu installers for Win XP SP3 and other unsupported operating systems were posted at the bottom of the 12-May-2017 MS TechNet article Customer Guidance for WannaCrypt Attacks.

In June 2017, Microsoft released additional out-of-band updates for Win XP / Vista / Win 8 / Windows Server 2003 to patch vulnerabilities for three additional NSA-leaked exploits EnglishmanDentist, EsteemAudit and ExplodingCan.  See Woody Leonhard's 13-Jun-2017 Computerworld article There's a Reason Microsoft is Patching Windows XP Again This Month as well as the Microsoft June 2017 blog entry subtitled Microsoft releases additional updates for older platforms to protect against potential nation-state activity for additional information.

To apply these June 2017 patches for EnglishmanDentist, EsteemAudit and ExplodingCan, Vista users can follow the instructions posted in the MS Answers forum at More Shadow Brokers Exploits Patched June 2017 for Win XP and Vista.  Win XP users can download the updates for all four exploits (EternalBlue, EnglishmanDentist, EsteemAudit and ExplodingCan) from Tables 1, 2 and 3 of the Microsoft Security Advisory 4025685: Guidance for Older Platforms: June 13, 2017.  Again, the majority of these updates were not delivered via Windows Update and must be installed manually using .msu offline installers.  Just download the .msu installer and save it to your Windows desktop, double-click the .msu file to start the installer, and re-boot when the installation is finished if you are prompted to do so.
---------------
32-bit Vista Home Premium SP2 * Firefox ESR v52.5.0 * NS Premium v22.11.2.7 * MB Premium v3.3.1

Kudos0

Re: Is Not Over!! WannaCry??

Thanks, imacri.

It really helped me understand more about this topic.

Kudos0

Re: Is Not Over!! WannaCry??

raisya:

EternalBlue is a vulnerability on Windows systems with outdated versions of the Windows File and Printer services (SMB).

So, as you said "that isn't the safest option", what is your opinion on how to protect Windows XP from this ransomware attack?

 Hi raisya:

If you have a Win XP computer and are especially concerned about ransomware like WannaCry, the critical patch to install is KB4012598 (MS17-010: Security Update for Microsoft Windows SMB Server, released March 14, 2017 via Windows Update for Vista SP2 and higher).  The MS17-010 security update patches multiple SMB vulnerabilities used by various NSA-leaked exploits, including EternalBlue (used in the May 2017 WannaCry attack), EternalRomance (used in the June 2017 NotPetya and recent October 2017 BadRabbit attacks - see <here> for details), EternalSynergy, and EternalChampion.

As noted <above>, the 32-bit and 64-bit Win XP download links for KB4012598 (MS17-010) are available in the Microsoft Security Advisory 4025685: Guidance for Older Platforms: June 13, 2017.
---------------
32-bit Vista Home Premium SP2 * Firefox ESR v52.5.0 * NS Premium v22.11.2.7 * MB Premium v3.3.1
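
Because the updates discussed above are installed by hand rather than through Windows Update, it helps to confirm afterwards that KB4012598 is actually present on each machine. The following is an added example, not part of the original thread or any poster's own code; the function name and host names are hypothetical, and it assumes PowerShell 2.0 or later and that the update registers in Win32_QuickFixEngineering, which is what Get-HotFix queries.

```powershell
# Added example: report whether a given hotfix is present on each machine.
# KB4012598 is the MS17-010 update named in the thread; the computer names
# used at the bottom are constructed placeholders.
function Test-HotFixInstalled {
    param(
        [string[]]$ComputerName = @($env:COMPUTERNAME),
        [string]$KbId = 'KB4012598'
    )
    foreach ($computer in $ComputerName) {
        $status = 'Missing'
        try {
            # Get-HotFix reads Win32_QuickFixEngineering over WMI.
            $match = Get-HotFix -ComputerName $computer -ErrorAction Stop |
                Where-Object { $_.HotFixID -eq $KbId } |
                Select-Object -First 1
            if ($match) { $status = 'Installed' }
        }
        catch {
            # Unreachable host or WMI access denied: report it as unknown
            # rather than guessing "patched" or "missing".
            $status = 'Unknown: ' + $_.Exception.Message
        }
        # New-Object keeps this compatible with PowerShell 2.0.
        New-Object PSObject -Property @{
            ComputerName = $computer
            HotFixId     = $KbId
            Status       = $status
        }
    }
}

# Check the local machine, then list only the hosts that still need attention.
Test-HotFixInstalled
Test-HotFixInstalled -ComputerName 'XP-WARD-01', 'XP-LAB-02' |
    Where-Object { $_.Status -ne 'Installed' }
```

On supported Windows versions a later cumulative update may supersede the original KB, so a "Missing" result there needs checking against that system's own update history.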

This thread is closed from further comment. Please visit the forum to start a new thread.