INFORMATION TECHNOLOGY ADVISORY - "WannaCry" Ransomware
May 19, 2017
As a follow up to our May 17th Information Technology Advisory below, Bayer has now certified the Microsoft (MS) security patch and has started to deploy the update. If you have an identified Bayer Windows-based device, Bayer will contact you with instructions for application of the patch.
Bayer will continue to post updates regarding this malware event on this website. Customers requiring further assistance should call Bayer at 1-877-229-3767.
May 17, 2017
Bayer is aware of ransomware ("WannaCry") that is exploiting vulnerabilities in Microsoft (MS) Windows. If a hospital's network is compromised by the malware attack, the virus can spread through the hospital's information technology (IT) network. In this event, Bayer's Windows-based devices that are connected to the network may be impacted. These devices include: Medrad® Stellant™ and Medrad® MRXperion™ control room units (Certegra® Workstations), Certegra® and VirtualCare® devices, Medrad® Intego RDMS and Certegra® Connect.CT.
Bayer actively monitors for malware that may affect the operation of our devices. In response to this latest global cyber-attack, Bayer will provide a certified MS security patch for deployment on the devices listed above.
If a hospital network has been impacted by this malware, customers should immediately unplug the Ethernet cable from the network jack on the listed devices above.
If the network has NOT been impacted, Bayer recommends working with hospital IT/Security teams to determine the best course of action until a Bayer certified MS security patch is provided. An action a hospital IT/Security team may consider is to unplug the Ethernet cable from the hospital network jack on the listed devices above which will take these devices offline.
In the event that the hospital opts to take these devices offline:
- Bayer and/or Medrad-branded injector(s) will continue to support contrast-enhanced procedures based on the hospital's established protocols through the control room unit.
- Contrast injection data will not transfer to PACS, speech recognition, Radimetrics, or other systems and is not retrievable.
- Remote service of Bayer Radiology devices through VirtualCare will also be deactivated.
Bayer will post updates regarding this malware event on this website and will reach out to customers when the Bayer approved Microsoft Security patch is available.
Customers requiring further assistance should contact their local service team for support.