skip to main content

Important Advisory regarding "Wanna-Cry" ransomware

May 13, 2017

As you may have seen in the news, a massive, coordinated ransomware attack has been underway accross the globe, targeting health care and hospital organizations. This has led to a number of major institutions being affected by the traditional ransomware attack of encrypting user files on local and mapped drives.

This particular variant is known as "Wanna-Cry", and is  exploiting a security flaw in Microsoft Windows that allows it to spread to other networked machines once a computer is infected. Basically, it works in two stages:

  1. A malicious/phishing email or website download with the malware is opened by an unsuspecting user
  2. That machine becomes compromised and attempts to spread a "worm" to other machines not appropriately protected

What to do to protect yourself

To protect yourself from this particular threat, please ensure to:

  • Protect your systems with latest versions of anti-virus/anti malware protection software. All major antivirus software companies have protections in place for this variant of attack.
  • Update your Microsoft Windows software. The vulnerability that allows this malware to spread was corrected in a Windows update patch in March 2017. Please contact your IT provider to ensure your Windows systems receive patch cycle MS17-10, and confirm your IT systems are regularly updated.
In addition, you should take the following ongoing precautions to help avoid any issues in the future:

  • Be extra careful when using email, and avoid opening suspicious emails or attachments.
  • Do not browse non-trusted websites, and avoid clicking on banners or linking through to unknown sources.
  • Be careful to avoid social engineering-type attacks where information is being requested of you that you would not normally get ( even from co workers or known sources).
  • If you suspect or confirm your computer has become infected, immediately disconnect the computer from any networks (wired or wireless) and shut down the PC. Contact your local IT provider or EMR vendor for further assistance in resolving the issue.

Should you have any concerns or questions, please contact your OntarioMD Practice Management Consultant to receive further guidance or support.