Does your hospital have lingering vulnerabilities that are easy to fix? According to a recent report by Microsoft, there are over a million computers on networks that still have vulnerabilities known to be exploited by some of the most devastating ransomware variants.
Microsoft security officials are underscoring that these vulnerabilities exist and want to make sure you are doing everything possible to fix them (hint: it’s as easy as installing a small Windows update to your older computers).
Coined BlueKeep, this recent exploit has potential to trigger self-replicating attacks that have been most destructive to the healthcare community since 2017. WannaCry is one of the variants of ransomware exploiting these vulnerabilities—which has already amounted to hundreds of millions of dollars in damages, many in hospitals that have since shuttered their doors.
Microsoft is warning that this current bug could lead to other WannaCry attacks and is trying to do everything in its power to get the word out that you need to apply these fixes ASAP.
This so called BlueKeep vulnerability, which is formally tracked as CVE-2019-0708 in the Microsoft system can allow for exploits to reliably execute malicious code without interacting with a user. That means that everything necessary to implement this ransomware attack will NOT need users to click or download software. Hackers are able to release their software to search and destroy autonomously.
Who is affected by this exploit?
If you have Windows 2003, XP, Vista, or Windows 7 platforms you should seriously be concerned and make sure that you’ve applied the updates to your network.
Microsoft is underscoring that inaction to patch up these exploits will most definitely result in attacks the likes of the WannaCry attacks, which had started in 2017—all of these attacks had resulted in massive attacks that paralyzed hospitals (to the point of turning away patients), ruined banks and even governmental bodies.
Microsoft does NOT want the same thing to happen on their platform again, but warns that it is up to you and your team to apply the fix.
Experts fear that many more hospitals and clinics are still susceptible to these attacks, having failed to apply the latest fixes. We want to emphasize that it just takes one. If only one of your networked computers connected to the internet and was not updated, your entire network is vulnerable to a very serious ransomware attack.
I want to stress that the origins of WannaCry came after Microsoft released a different security update to the Windows platform. What does that mean? Criminals are waiting for software companies to update their systems (and identify vulnerabilities within them) until they target and attack their victims. Criminals are waiting for all of the leg work to be done for them before they assemble and devise their methods of attack.
What have they found? Rural hospitals are not applying patches released by Microsoft sufficiently to keep their networks safe. Dozens of systems at this point have fallen victim to attacks the likes of WannaCry simply from having underpatched networks.
Will you be the next victim?
I hate to say this, but the longer you wait to check that your network has been properly patched with updates—ones that have been published for nearly two weeks at this point—the more likely your facility will fall for an attack. Microsoft is urging anyone who is running a vulnerable computer to update it at once.
The flaw affects versions up through Server 2008 R2. Anyone using an outdated version server or workstation should immediately check to make sure they’ve had the patch applied to their systems.
Not sure if your network still has this vulnerability?
Experts recommend evaluating your network with a ransomware vulnerability assessment.