WannaCry Ransomware Cyberattack Update

Petya ransomware first appeared on Tuesday, June 27, 2017. Petya is similar to WannaCry in that it primarily uses the "Eternal Blue" SMBv1 exploit, leaked by the Shadow Brokers from stolen NSA code, to enter the system. Later reports surfaced that Petya is using an HTA attack (CVE2017-0199) as well, allowing for a phishing approach that may bypass firewalls that should be blocking inbound port 445. Petya encrypts the Master File Table (MFT) for NTFS partitions and overwrites the Master Boot Record (MBR) with a custom bootloader. To release encrypted data, the ransomware demands an average payment of $300 in bitcoins. Systems that have already applied the Microsoft's MS17-010 security patch are not vulnerable to the EternalBlue exploit used by Petya.

Response

Teams at Beckman Coulter are aggressively evaluating the risk and cybersecurity vulnerability profiles of both our software solutions and instrument software products. Where appropriate, teams are validating the installation of the MS17-010 Microsoft security patch and developing specific customer instructions for those systems.

Some products do not use or rely on a Microsoft Windows-based operating system and therefore are not vulnerable to or affected by WannaCry ransomware. Please see the product table below for more information.

We will continue to update our product information as our evaluation of the issue continues and new information becomes available.

Microsoft Security Bulletin MS17-010 

Released in March 2017, this update addressed the Microsoft security vulnerability exploited by WannaCry ransomware. We suggest that customers who have not already applied this update consult the product listing below before doing so. In addition, as the complexity of customer system configurations varies greatly, we strongly recommend that our customers work directly with their IT departments to ensure compatibility of the software update with their networked systems.

For additional technical details and indicators associated with this ransomware, please review the latest update from the U.S. Department of Homeland Security: US-CERT Alert (TA17-132A).

Beckman Coulter Life Sciences Product Information Updates

 

Beckman Coulter Diagnostics

Our diagnostic product information updates can be found on beckmancoulter.com.