Today the ECS-CERT and the Federal Bureau of Inquiry announced that the recent Novovirus outbreak at Angels Memorial Hospital in Los Angeles was caused by a cyberattack on the Robotron Hospital Sanitizer. That outbreak has been the cause of six deaths over the last week and a large number of patients returning to the hospital for treatment for the new intestinal illness.
Immanuel C. Securitage from ECS-CERT told reporters at this morning’s news conference that his organization had detected a new worm, WannaDie, that used the same attack profile as the recent WannaCry ransomware attack. Instead of infecting the system with ransomware, however, the new worm executes a man-in-the-middle attack that allows it to take control of the device while its outputs and controls seem to indicate normal operation. In the case of the attack on the Robotron devices at Angels Memorial the sanitizer operations were changed to a much lower temperature that failed to kill the Novovirus, allowing ‘sanitized’ devices to spread the infection.
Senior Agent Johnathon Quest announced that the FBI was investigating the cyberattack as a potential terror attack. The German hacking collective Stasi Ehemalige published a statement yesterday being responsible for the development of the WannaDie worm, but denying responsibility for the Angels Memorial attack. They did admit, however, that they had sold copies of the worm to a number of interested activist organizations.
Dr. Rollie Guthrie from Angels Memorial announced that the worm has been successfully removed from the devices with help from ECS-CERT. Additionally, the Hospital IT staff had disconnected all of its Robotron Hospital Sanitizer’s from the Hospital’s network to prevent re-infection.
Securitage noted that ECS-CERT was working with Robotron to develop a software update to remove the vulnerability that made the attack possible.