Close this search box.

Hospitals Being Targeted by Wave of Ryuk Ransomware

Two computer monitors one with coding in different colors and one with a black screen.

Ransomware attacks on U.S. hospitals are on the rise as coordinated cyber attacks attempt to infect entire networks for financial gain. Federal agents sent an urgent alert last Wednesday night to hospital and healthcare professionals urging all to take necessary cybersecurity precautions to protect their networks.

According to the FBI and the Department of Health and Human Services there is “credible information of an increased an imminent cybercrime threat to US hospitals and health care providers.”

Hackers are using Ryuk ransomware to encrypt the healthcare organization’s data and keep it locked up. You may recall that in late September, Universal Health Care Systems fell victim to Ryuk ransomware leaving them helpless to ensure patient care as their systems were down for several days. Ryuk is a type of crypto-ransomware that uses encryption to block access to a system, device or file until a ransom is paid. Ryuk is often dropped on a system by other malware, most notably Trickbot. Ryuk is difficult to detect as it’s often spread via other malware dropping into already existing infected systems.

Officials do not recommend paying the ransomware; no matter how little the fee is. Paying does not guarantee your data back, sets a precedence and it goes against information security laws.

HIPAA Resource Center

“We are experiencing the most significant cybersecurity threat we’ve ever seen in the United States,” said Charles Carmakal, Mandiant’s chief technology officer, describing the group as “one of most brazen, heartless and disruptive threat actors I’ve observed over my career.”

The good news is – you can start protecting your data from ransomware. Endpoint Detection and Response (EDR), among other tools, can detect and alert you or your provider of fileless malware like Ryuk. Learn more about our EDR solution or schedule a HIPAA Compliance Gap Review with our cybersecurity experts today.

Corsica Technologies
Corsica provides personalized service and a virtual CIO (vCIO) who serves as a strategic advisor. When it comes to the complex integration of solutions for IT and cybersecurity, the whole is greater than the sum of its parts. We offer cybersecurity solutions, managed services, digital transformation, resale services, and one-off technology projects. Corsica unifies any combination of these services into a complete, seamless solution.

Related Reads

Sign Up For Our Newsletter

Stay up-to-date on the Managed Services and Cybersecurity landscape, and be the first to find out about events and special offers.