Hospitals Being Targeted by Wave of Ryuk Ransomware

Two computer monitors one with coding in different colors and one with a black screen.
Two computer monitors one with coding in different colors and one with a black screen.

Ransomware attacks on U.S. hospitals are on the rise as coordinated cyber attacks attempt to infect entire networks for financial gain. Federal agents sent an urgent alert last Wednesday night to hospital and healthcare professionals urging all to take necessary cybersecurity precautions to protect their networks.

According to the FBI and the Department of Health and Human Services there is “credible information of an increased an imminent cybercrime threat to US hospitals and health care providers.”

Hackers are using Ryuk ransomware to encrypt the healthcare organization’s data and keep it locked up. You may recall that in late September, Universal Health Care Systems fell victim to Ryuk ransomware leaving them helpless to ensure patient care as their systems were down for several days. Ryuk is a type of crypto-ransomware that uses encryption to block access to a system, device or file until a ransom is paid. Ryuk is often dropped on a system by other malware, most notably Trickbot. Ryuk is difficult to detect as it’s often spread via other malware dropping into already existing infected systems.

Officials do not recommend paying the ransomware; no matter how little the fee is. Paying does not guarantee your data back, sets a precedence and it goes against information security laws.

HIPAA Resource Center

“We are experiencing the most significant cybersecurity threat we’ve ever seen in the United States,” said Charles Carmakal, Mandiant’s chief technology officer, describing the group as “one of most brazen, heartless and disruptive threat actors I’ve observed over my career.”

The good news is – you can start protecting your data from ransomware. Endpoint Detection and Response (EDR), among other tools, can detect and alert you or your provider of fileless malware like Ryuk. Learn more about our EDR solution or schedule a HIPAA Compliance Gap Review with our cybersecurity experts today.

Corsica Technologies
Corsica Technologies is an MSP specializing in cybersecurity solutions, managed IT services, digital transformation, and data integration. Corsica provides solutions for midmarket businesses including network monitoring, data protection, incident response, and IT support. Corsica offers unmetered technology services for fully managed or co-managed teams to address all technology needs under a one-flat monthly fee. 

Related Cybersecurity and IT Reads

Modern SOC empowered by AI - Corsica Technologies
Cybersecurity
Ross Filipek

How AI Is Changing the Modern SOC Forever

A recent article in The Hacker News discussed the emergence of SOC 3.0—the latest iteration of the modern SOC (Security Operations Center). The SOC of the future will use sophisticated AI tools to detect and respond to threats at scale.

Read more

Sign Up For Our Newsletter

Stay up-to-date on the Managed Services and Cybersecurity landscape, and be the first to find out about events and special offers.

Ready to talk to an expert?

We’ll respond within 1 business day, or you can grab time on our calendar.