June 29, 2017
Impact on Medical Devices
The starting point of this Cyber-attack is to open an email attachment or download a file by accidentally clicking on a malicious URL while accessing a web page. Such everyday operation exploits Microsoft's Windows(R) OS vulnerability so that a malicious program disables computer operation, encrypts data file to make it unavailable or attacks other computers. The attacks from infected computers within a facility are actual threats for medical equipment and those attacks look like DDoS attack (Distributed Denial of Service attack). When our Product is used as directed, the likelihood of infection is extremely low.
TMSC' approach to Ransomware
We would like to assure all our customers that taking necessary measures to the Ransomware (WannaCry / Petya / Goldeneye) Cyber-attack is our highest priority and to restore all our Products to normal operation as soon as possibl. Currently we are evaluating any impact by the MS17-010’s vulnerability for each Product. When we find any critical impacts by Ransomware (WannaCry / Petya / Goldeneye) in our Product, we will inform you if there is an appropriate measure for you to take for the Product(s) installed in your facility. At this time we do not recommend the installation of any MS Windows patches / updates to the Product. In the meantime, please refer to the instruction / operation manual of the Product(s) which states the necessary conditions you shall comply with when using the Product not the least of which the Product shall not be used to access services such as email or internet web browsing. Also, if a computer-virus infection occurs in your facility, please take measures to prevent the spread of the infection by isolating the infected network as soon as possible. If the Product becomes infected, please contact our service organization as you normally would.
The following measures could be effective in your network environmentto prevent Ransomware (WannaCry / Petya / Goldeneye) Cyber-attack.
1. Control network route
Identify the computers permitted to access the Product and change the network routing table in a network device such as router or firewall to prohibit the communication from computers other than those permitted computers.
2. Control of communication protocol and communication port
Since Ransomware (WannaCry / Petya / Goldeneye) Cyber-attack uses the following communication protocol and communication port, change the firewall setting of the network device(s) in the facility so as not to permit such communications.
|Service Name||Protocol Type and port number|
|NBT―NetBIOS Naming Service||TCP/UDP 137 port|
|NBT―NetBIOS Datagram Service||UDP 138 port|
|NBT―NetBIOS Session Service||TCP 139 port|
|Direct Hosting SMB||TCP 445 port|
About Toshiba Medical Systems Canada Limited
Toshiba Canada Medical Systems (TCMS), a Canon Group company headquartered in Markham, Ontario, provides patient-focused imaging technologies with specialties in CT, X-Ray, Angiography, Ultrasound and MRI. Advanced service solutions range from single-room coverage to complete asset management programs.
All sales, services and operations are Canadian-based, with a strong presence of technical service employees in more than 25 cities across the country. Reporting directly to Toshiba Medical Systems Corporation provides close ties to our research, engineering and product specialists, enabling the Canadian team to influence product decisions and delivery for the needs of our customers. For more information, visit www.toshiba-medical.ca.
About Toshiba Medical
Toshiba Medical offers a full range of diagnostic medical imaging solutions including Ultrasound, CT, X-Ray, and MR, across the globe. As of December 2016, Toshiba Medical became a member of the Canon Group. In line with our continued Made for Life philosophy, patients are at the heart of everything we do. Our mission is to provide medical professionals with solutions that support their efforts in contributing to the health and wellbeing of patients worldwide so that together our industry-leading solutions deliver an enriched quality of life.