Colorado Medical Society

Cyber alert: How to protect your practice from hackers

Tuesday, May 16, 2017 12:25 PM

The United States Computer Emergency Readiness Team (US-CERT) has received multiple reports of ‘WannaCry’ (also known as ‘WannaCrypt’) ransomware infections in several countries around the world and in the United States. Some of these infections are impacting patient access to care. Ransomware is a type of malicious software that infects a computer and restricts users’ access to it until a ransom is paid to unlock it.  Individuals and organizations are discouraged from paying the ransom, as this does not guarantee access will be restored.

In addition to the information provided below, the American Medical Association (AMA) has resources to help physicians conduct a checkup of their systems, and to secure their networks and office computers. Additionally, the AMA has been engaged with the administration since the cyberattack and will continue to monitor the situation. Please let us know by replying to this email whether you have been impacted by the WannaCry infection. 

What should I do now?

Ransomware can infect computers and medical devices. The WannaCry infection affects systems running Windows and spreads easily when it encounters unpatched or outdated software.  Physicians should ensure that their computer’s operating systems and anti-virus software are updated and patched:

In addition, physicians should contact their medical device vendors and manufacturers to ensure that they have patched their device software. Medical device manufacturers can always update a medical device for cybersecurity; the FDA does not typically need to review changes made to medical devices solely to strengthen cybersecurity.

How to help protect yourself from downloads and email-based ransomware

Ransomware can be delivered via email by attachments or links within the email. Attachments in emails can include documents, zip files, and executable applications. Malicious links in emails can link directly to a malicious website the attacker uses to place malware on a system. To help protect yourself, be aware of the following:

Example of Ransomware

This is an example of what the ransomware may look like: 

ransomware exampleted

What to do if you have been infected

If your organization is the victim of a ransomware attack, contact law enforcement immediately.

  1. Contact your FBI Field Office Cyber Task Force immediately to report a ransomware event and request assistance. These professionals work with state and local law enforcement and other federal and international partners to pursue cyber criminals globally and to assist victims of cyber-crime.
  2. Report cyber incidents to the US-CERT and FBI’s Internet Crime Complaint Center.
  3. For further analysis and health-care-specific indicator sharing, please also share these indicators with HHS’ Healthcare Cybersecurity and Communications Integration Center (HCCIC) at

Additional resources