Hennepin Healthcare activated a command center in the evening of May 14 after learning that versions of Microsoft's Windows operating systems had a vulnerability that could be used similar to the WannaCry worm, according to the Star Tribune.
The Minneapolis-based health system is just one throughout the country that is reacting to the vulnerability news. Microsoft released a statement May 14 that a vulnerability had been found in older Windows operating systems. While there has been no indication that hackers have taken advantage of the bug, Microsoft said it is "highly likely" the flaw will be exploited by malicious software.
Hennepin Healthcare has been working through a list of actions to secure older devices. Microsoft has also released patches for all of the systems that could be exploited.
Minneapolis-based Allina Health also took countermeasures on May 15 to handle the vulnerability as part of the health system's normal computer security work. The health system has more than 35,000 workstations and desktop computers; however, many of them are run on updated Windows versions that were not affected by the vulnerability.
Both information technology departments at Hennepin Healthcare and Allina Health have taken measures to protect vulnerable biomedical and diagnostic machines, which are now isolated into computer networks. These machines can only communicate with a minimum number of systems in order to avoid cyberattacks, the Star Tribune reports.
"The thing that makes this one so dangerous is that you don't need any access," Jeremy Sneeden, a manager in the threat and vulnerability department at Allina Health, told the Star Tribune. "A lot of vulnerabilities need a username and password, or some sort of access to the machine, to make the vulnerability work."
More articles on cybersecurity:
Oregon State Hospital alerts patients of phishing attack
Memorial Hermann employee 'improperly' used patients' credit card info
First cybercrime hotline unveiled in Rhode Island