Ryuk Ransomware Targets Hospitals Amid Coronavirus Pandemic

Published at: March 30, 2020

The operators of Ryuk ransomware continue to target hospitals, despite the intense pressures they are already facing as a result of the coronavirus pandemic.

On March 27, ‘PeterM’ of British IT security firm Sophos, tweeted that a United States-based healthcare provider had been targeted by Ryuk’s ransomware. PeterM stated that the cyber offensive “looks like a typical Ryuk attack,” posting:

“I can confirm that #Ryuk ransomware are still targeting hospitals despite the global pandemic. I'm looking at a US health care provider at the moment who were targeted overnight. Any HC providers reading this, if you have a TrickBot infection get help dealing with it ASAP.”

Two of seven ransomware operators claim to cease targeting hospitals 

On March 18, cybersecurity publication BleepingComputer published a report after contacting seven ransomware operators to ask if they would continue to target hospitals despite the COVID-19 outbreak.

Only Maze and DoppelPaymer indicated that they would no longer target hospitals. Maze later decrypted and released data that it had stolen from a drug testing company that it had targeted prior to the pandemic. 

Ryuk did not respond to the publication’s request for comment

One week later, Bleepingcomputer reported that software security firm SentinelOne had identified at least ten instances of Ryuk targeting at least 10 healthcare organizations during March — including one attack on a network of 9 hospitals.

Dutch cybersecurity firm freely fights ransomware for hospitals

As part of the “Tech against Corona” initiative — where a consortium of local tech companies are freely offering their services and technologies to the Dutch government to fight COVID-19 — IT security firm Cybersprint is helping hospitals fight ransomware.

In addition to providing its security services to the hospitals free of charge, it is also conducting a deep investigation into recent ransomware attacks to develop best practices to secure against future incidents.

Tags
Related Posts
We don’t need immunity passports, we need verifiable credentials
As the first vaccines against COVID-19 roll out, governments and institutions across the world are scrambling to figure out how to provide proof that someone has been vaccinated. Paper certificates, PDFs, wristbands and mobile apps have all been suggested — and the former director of the Centers for Disease Control, Tom Frieden, and international human rights attorney Aaron Schwid urged the adoption of digital “immunity passports” as a way to reopen the world. In theory, their idea is great. In practice, it’s terrible. Or, as the Daily Beast put it: “Vaccine Passports Are Big Tech’s Latest Dystopian Nightmare.” As a …
Decentralization / Jan. 20, 2021
A minister's look at healthcare: Providing fertile ground for blockchain innovation
The strain placed on healthcare teams and networks over the past few months has been severe, pushing dedicated medical professionals to the limit as they work tirelessly to combat COVID-19 in communities around the world. The crisis has permeated every facet of society, shining a spotlight on the glaring inefficiencies within the traditional global healthcare system and illustrating the inherent need for technology-driven initiatives that can alleviate pressure on healthcare professionals and ensure patient data collation is as streamlined and secure as possible. As someone who has long championed the potential of blockchain technology to be a transformative enabler of …
Technology / Aug. 29, 2020
As healthcare goes digital, blockchain platform vows to fix industry’s flaws
A blockchain-powered platform is vowing to tackle some of the biggest problems facing global healthcare right now — with the long-running coronavirus pandemic exposing some of the inefficiencies and fatal flaws that exist within this system. Radiologex says R-DEE streamlines communication, collaboration and data transmission, meaning patient files become truly interoperable and available anywhere in real time. This is a stark contrast to fax machines and couriers that hard-pressed medical facilities currently depend upon. But beyond providing unmatched security and unrivaled speed, the project’s founders also say that they are determined to eradicate manual documentation errors that can have a …
Technology / May 12, 2021
Expert Warns: Don’t Trust Ransomware Groups Amid Pandemic
A cybersecurity expert explained why he is convinced that the promises made by ransomware groups amid the pandemic are irrelevant. Brett Callow — threat analyst at cybersecurity firm Emsisoft — told Cointelegraph that multiple ransomware groups recently made promises to halt their activity against medical organizations amid the coronavirus pandemic. Still, he believes that those promises are irrelevant: “The claims of a ceasefire made by ransomware groups are irrelevant [and] should be completely disregarded. Would you leave your front door unlocked simply because the local burglars had pinky-promised not to rob you? Probably not. The story of the frog and …
Blockchain / April 16, 2020
Updated: Texas-Based Data Center CyrusOne Hit by Ransomware Attack
Updated Dec. 5, 20:30 UTC: This article has been updated to include comments provided by CyrusOne. Texas-based data center provider CyrusOne has reportedly fallen victim to an attack from REvil (Sodinokibi) ransomware, business tech-focused publication ZDNet reported on Dec. 5. One of the largest data centers in the United States, CyrusOne has reportedly been exposed to an attack by a variant of the REvil (Sodinokibi) ransomware, which previously hit a number of service providers, local governments and businesses in the country. The scope of the attack In an email to Cointelegraph, CyrusOne confirmed: “Six of our managed service customers, located …
Blockchain / Dec. 5, 2019