Ryuk ransomware returns and takes multiple US hospitals offline

healthcare
(Image credit: Rawpixel / Pixabay)

Multiple hospitals across the US have been hit by a ransomware attack, taking vital healthcare systems offline.

The attack is thought to be Ryuk ransomware, operated by the Russian cybercriminal syndicate Wizard Spider, which can lock out users and encrypt devices until a ransom is paid.

A joint advisory issued by the CISA, FBI and Department of Health and Human Services mentioned, "credible information of an increased and imminent cybercrime threat to U.S. hospitals and healthcare providers."

Ryuk attacks

The US government has hosted an emergency call with key players in the healthcare industry to update them, with hospitals across the US have been affected by the attack spree, with facilites in New York, Vermont and Oregon seeing disruption to their services.

Ryuk first emerged as a major cybersecurity threat in 2019 after a number of big businesses were targeted by the ransomware.

Earlier this year, Universal Health Services (UHS), which operates circa 400 healthcare facilities in the UK and US, confirmed it has been hit by Ryuk, with the organization’s computer systems have been locked and access to phone systems also affected.

Researchers from security firm Check Point have found that in the past month, ransomware attacks against the healthcare sector in the US increased 71% compared to September, and in EMEA attacks increased by 36%. The company added that its data showed the Ryuk ransomware was responsible for 75% of the attacks on the U.S. healthcare sector in October.

“The increase in ransomware attacks began with the advent of the coronavirus pandemic, as organizations scrambled to enact remote workforces, leaving significant gaps in their IT systems," noted Check Point Head of Threat Intelligence Lotem Finkelsteen. 

"However, the last three months alone have shown alarming surges in ransomware attacks, and this new targeting of the healthcare sector is a particularly worrying development, because of the potential consequences. We strongly urge healthcare organizations everywhere to be extra vigilant.”

Via Bleeping Computer

Mike Moore
Deputy Editor, TechRadar Pro

Mike Moore is Deputy Editor at TechRadar Pro. He has worked as a B2B and B2C tech journalist for nearly a decade, including at one of the UK's leading national newspapers and fellow Future title ITProPortal, and when he's not keeping track of all the latest enterprise and workplace trends, can most likely be found watching, following or taking part in some kind of sport.

Latest in Security
Data Breach
Thousands of healthcare records exposed online, including private patient information
China
Juniper patches security flaws which could have let hackers take over your router
Representational image depecting cybersecurity protection
GitLab has patched a host of worrying security issues
Ai tech, businessman show virtual graphic Global Internet connect Chatgpt Chat with AI, Artificial Intelligence.
AI agents can be hijacked to write and send phishing attacks
China
Volt Typhoon threat group had access to American utility networks for the best part of a year
Abstract image of cyber security in action.
MassJacker malware targets those looking for pirated software
Latest in News
A super close up image of the Google Gemini app in the Play Store
It's official: Google Assistant will be retired for phones this year, with Gemini taking over
Quordle on a smartphone held in a hand
Quordle hints and answers for Sunday, March 16 (game #1147)
NYT Strands homescreen on a mobile phone screen, on a light blue background
NYT Strands hints and answers for Sunday, March 16 (game #378)
NYT Connections homescreen on a phone, on a purple background
NYT Connections hints and answers for Sunday, March 16 (game #644)
Three iPhone 16 handsets on show
Apple could launch an iPhone 17 Ultra this year – but we've heard these rumors before
Super Mario Odyssey
ChatGPT is the ultimate gaming tool - here's 4 ways you can use AI to help with your next playthrough