Product Security Service Bulletin for “WannaCry” Ransomware

Background

BD is monitoring the developing situation with a large-scale ransomware attack that is affecting healthcare facilities across the globe. The “WannaCry” ransomware encrypts all files on affected computers and demands the administrator pay a ransom in order to regain control of those files. If affected, healthcare providers may lose access to patient files and experience major IT disruption and delays. At this time, we are actively monitoring the situation and working closely with customers to ensure the appropriate measures are taken to help safeguard our products.

Response

As a result of these events, BD recommends the following for systems running a Microsoft Windows operating systems with any form of network connectivity to minimize risk and impact:

BD has provided the list below in order to better help our customers identify any BD products running Microsoft Windows Operating Systems with potential network connectivity. This list provided below does not indicate the patch or device status.

  • Alaris Communication Engine
  • Alaris Systems Manager
  • BD Accuri C6 Gen II
  • BD Accuri C6 Plus
  • BD Alaris Server
  • BD BACTEC FX
  • BD BACTEC FX40
  • BD BACTEC Touch
  • BD Cato
  • BD EpiCenter
  • BD FACS Aria Fusion
  • BD FACS Aria I/II/III
  • BD FACS Canto 10-color
  • BD FACS Canto 10-color clinical
  • BD FACS Canto II
  • BD FACS Canto II clinical
  • BD FACS Celesta
  • BD FACS Jazz
  • BD FACS Link Interface
  • BD FACS Lyric
  • BD FACS Sample Prep Assistant (SPA) III
  • BD FACS Verse
  • BD FACS Via
  • BD GenCell CliC
  • BD Influx
  • BD Kiestra InoqulA
  • BD Kiestra TLA
  • BD LSR II
  • BD LSRFortessa
  • BD LSRFortessa X-20
  • BD MAX
  • BD Phoenix M50
  • BD Totalys DataLink
  • BD Totalys FocalPoint GS Review Station
  • BD Totalys Multiprocessor
  • BD Totalys SlidePrep
  • BD Totalys/Data Innovation PC
  • BD ViperLT
  • Pyxis Anesthesia System
  • Pyxis CIISafe
  • Pyxis Connect
  • Pyxis MedStation System
  • Pyxis PARx System
  • Pyxis Pharmogistics Inventory Management
  • Pyxis ProcedureStation
  • Pyxis StockStation
  • Pyxis SupplyStation
  • Rowa Dose
  • Rowa Vmax System

For product or site specific concerns, contact your BD service representative.
Note: The intended use of these products does not include email and/or Internet browsing.

For procedures specific to your product, please contact your BD service representative. If you observe symptoms of this ransomware attack, disconnect your system from the network and contact your BD service representative or the Corporate Product Security Office: ProductSecurity@bd.com.

For additional technical details and indicators associated with this ransomware, please review US-CERT Alert (TA17-132A).