Petya, WannaCry Still Affecting Healthcare, HIMSS Report Says | Healthcare Informatics Magazine | Health IT | Information Technology Skip to content Skip to navigation

Petya, WannaCry Still Affecting Healthcare, HIMSS Report Says

July 6, 2017
by Rajiv Leventhal
| Reprints

Recent cybersecurity threats and vulnerabilities such as Petya and WannaCry continue to affect various industries around the world, including healthcare, according to the June HIMSS Healthcare and Cross-Sector Cybersecurity Report.

The monthly report from HIMSS, authored by Lee Kim, director, privacy and security, HIMSS North America, noted that the Petya/NotPetya/ExPetr wiper has infected many computers around the globe, including in the United States. Initial analysis by researchers indicated that it was ransomware (and that it was Petya malware). However, upon further analysis, researchers have now concluded that it is wiper malware and some have referred to the malware as “NotPetya” part of the “ExPetr” malware family.

The report also noted that a “vaccine” file has been widely publicized for this wiper. Analysts still recommend that one patches the CVE-2017-0144 vulnerability (MS17-010). “It is crucial that all systems (and devices) be patched (especially those that connect to a network and/or the Internet), as the malware has worm-like capabilities and can self-propagate across a network,” it said.

As Healthcare Informatics has reported since news of the attack broke, Heritage Valley Health Systems, based in Beaver, Pennsylvania, and Burlington, Mass.-based vendor Nuance both confirmed early on that they were impacted by the global attack.  It was then reported that researchers believed that Petya, or NotPetya as some call it, was not a ransomware attack after all, and that victims should not pay the ransom as they will not be able to restore or decrypt their files. Finally, as we reported today, it was announced over the holiday weekend that while Heritage Valley Health System’ systems have all been restored, the healthcare business of Nuance is still being affected.

What’s more, the WannaCry ransom worm continues to infect computers and devices around the globe. In the healthcare sector, the main concern is in regard to infected medical devices. However, WannaCry has also affected other types of entities, including reportedly local government entities as well, the report noted.

Get the latest information on Cybersecurity and attend other valuable sessions at this two-day Summit providing healthcare leaders with educational content, insightful debate and dialogue on the future of healthcare and technology.

Learn More



Allscripts Acknowledges Ransomware Attack, Says Impact is “Limited”

Health IT vendor Allscripts has acknowledged that it is investigating a ransomware incident that has impacted a limited number of its applications.

AHRQ to Fund Patient Safety Learning Laboratories

The federal Agency for Healthcare Research Quality plans to spend up to $5 million in fiscal 2018 to support as many as eight patient safety learning laboratories.

RCM Global Software Market to Hit $43.3B by 2022, Report Finds

The global market for healthcare revenue cycle management software is estimated to reach $43.3 billion by the end of 2022, according to a report from Future Market Insights (FMI).

Global Open Source HIT Project Gets $1M Donation From Cryptocurrency Philanthropy

OpenMRS, Inc., an open source medical records platform used in developing countries, has received a $1 million donation from the Pineapple Fund, an $86 million cryptocurrency philanthropy created by an anonymous donor known only as “Pine.”

Media Reports: Massive Data Breach of Norwegian Health Authority Could Impact 3 Million Patients

International media outlets are reporting that a hacker or hacker group breached the systems of Norway’s Health South East EHF, potentially compromising the healthcare data of nearly 3 million patients, or about half of Norway’s population.

Healthcare Groups Call for Improvements to Prior Authorization Process

A collaborative of healthcare organizations, including the American Medical Association, the American Hospital Association, and the Medical Group Management Association, released a joint statement this week calling for improved prior authorization procedures, including automating the process to improve transparency and efficiency.