Three US federal agencies have recently co-authored report warning hospitals of malicious Ryuk Ransomware. These agencies include the FBI, the Department of Homeland Security and the Department of Health & Human Services. The agencies said that the cybercriminals, probably a Russian group, are unleashing a wave of data-scrambling extortion attempts against the US healthcare system.
The group, identified as UNC1878 has been deploying ransomware called Ryuk and disrupting the activities of multiple hospitals. It locks up the information on the systems in these computers & doesn’t release unless the target pays a price for the same.
This has taken the hospitals’ IT networks offline causing disruption.
Multiple hospitals are affected, many more at risk.
Although there is no disclosed specific information regarding the attack or all the hospitals affected by it; the announcement has come after nearly 4 medical institutions across Oregon & New York have faced the incident of infecting ransomware. Earlier this week, Oregon’s Sky Lakes Hospitals experienced this ransomware attack, shutting down their IT activities. Similarly, New York’s Massena, Gouverneur & Canton-Potsdam hospitals’ IT networks were hit by the same ransomware, causing them to revert to back-up processes.
The agencies are doing their best in warning the hospitals against the said ransomware. The attackers are using the strains of the known ransomware Ryuk.
Ryuk ransomware attack is seeded via a number of zombie computers called Trickbot.
Microsoft has been trying hard to counter Trickbot since the start of October. The US Cyber Command has also taken action against it, as per the reports. But the attackers are still finding ways to spread Ryuk. Though not many cases have come to light, many are under this threat now that has quickly disrupted the activities of the above mentioned medical institutions.
The ransomware can make Covid-care difficult.
COVID-19 is the century’s worst pandemic by far. Countries have been struggling to overcome it for a long time now. America is the worst hit by the pandemic, times are especially harder for them. So, this ransomware can actually make things worse for the US medical institutions. The ransomware scrambles the information on IT systems, which can cause disruption in providing healthcare. This can put the lives of many at risk.
The vice-president of the US cyber incident response firm Mandiant has called the attack ‘the most brazen, heartless & disruptive threat actors he has ever observed.’ They are repeatedly causing disruption across hospitals, causing some to opt to function on paper, which is not only highly inefficient but also risky.
The agencies are doing all they can to mitigate the effects of this ransomware attack & warn the medical institutions in due time. Cyber-experts around the world have promised to help protect healthcare institutions in order to help save them against such healthcare hacking efforts.