ECRI Releases Guidance on Protecting Device Systems Against Ransomware

By MedTech Intelligence Staff
May 30, 2017


• Categories: 03-Manufacturing Execution, 05-Quality/Regulatory, Market Access

Ransomware attacks are making headlines with increased frequency. The latest malware to affect medical devices, WannaCry, wreaked havoc on hospitals in the U.K. and hit at least two hospital systems in the United States. As facilities continue to grapple with the reality that the rate of cyberattacks is only going to grow, hospitals’ IT departments are tasked with implementing more protective measures that focus specifically on medical device systems versus general hospital systems.

ECRI recently released a new guidance, “Ransomware Attacks: How to Protect Your Medical Device Systems”, which offers “do’s and don’ts” on how hospitals can identify and protect against ransomware infection. The recommendations are directed at a facility’s medical device security lead and include the following:

• Identify all medical devices, servers and workstations that operate on a Windows operating system (the WannaCry ransomware targeted Windows-based OS)
• Have the connected medical devices and servers received the Microsoft Windows OS MS17-010 security patch?
• Run a vulnerability scan to identify affected medical devices
• Manage third-party vendors that haven’t implemented the security patch
• Disconnect any devices identified or suspected to have a malware infection, and if unencrypted patient data is involved, risk management should handle the hospital’s response to the data breach (per HIPAA)
• Address most life-critical devices first, followed by therapeutics products, patient monitoring devices, alarm notification systems and diagnostic imaging systems

Read the “don’ts” in the guidance.