Like a nasty strain of antibiotic-resistant bacteria, ransomware reared its ugly head again this week. This attack is called Nyetya, as named by Cisco’s Talos threat intelligence team. (You may have heard it referred to in the press as Petya, but we believe this variant is different enough to warrant its own moniker.)
Nyetya is particularly wicked because it spreads automatically, using one of the same vulnerabilities that WannaCry exploited in May’s attack. And while it hasn’t impacted any public healthcare systems like the UK’s NHS (at least not yet), the industry wasn’t completely spared.
As of this writing, a health system near Pittsburgh, a pharmaceutical company, and a voice and language tool provider were all affected. So far, there are no widespread reports of patient care disruptions, although one news report referenced a canceled surgery and there are anecdotal reports of dictation and transcription difficulties.
This attack underscores once again the importance of strong cybersecurity in healthcare (and in all industries, for that matter). Cisco’s security team has a great summary of the incident – I highly recommend you check it out here. For more in-depth technical analysis, including tips on mitigation and prevention, read Talos’ blog here. Plus, to hear directly from Cisco security, join our webinar hosted by Martin Lee, technical lead on Cisco’s Talos threat research team. The webinar will take place on June 30 at 7 am PDT / 3 pm BST / 4 pm CEST. Sign up here.
And if you didn’t do so last time, make absolutely sure your Microsoft patches are up to date!