No ultrasound systems have been reported to be infected with the wannacry virus.However, there is the potential for the virus to affect these products and halt system functionality.The resulting harm to the patient would be a possible delay in a procedure for a sedated patient, a reinsertion of a transesophageal transducer or catheter, or repeat of a stress echo exam.A hot fix will be issued to patch vulnerable systems.These hot fixes will follow the december 2016 postmarket management of cybersecurity in medical devices from the fda guidance for 806 reportability.The technical root cause of the problem is the wannacry ransomware software virus and its ability to lockup the system.The virus spreads by first infecting a single system on a network.The initial infection occurs when someone opens an attachment or link which runs the virus software.The virus can then spreads by exploiting vulnerability in the microsoft server message block (smb) functionality (used to share files and printers on the network).The exploit of the vulnerability allows full remote control of the device without any other prerequisite other than the fact that the attacking computer is on the same network as the ultrasound device, and that the ultrasound device is listening to certain tcp ports (139, 445, or 3389).Remote control of the device by an attacker can put patient's safety at risk in terms of misdiagnosis or denial of service when patients are being diagnosed.Those devices that are not capable of listening in on the exploited ports still have the vulnerability inside, however it is not possible for the attacker to "get to" or exploit such devices.
|