The Ruthless Cyber Gang Behind the Hospital Ransomware Crisis
June 10, 2021 – Article posted on The Wall Street Journal
Multiple ransomware attacks against U.S. hospitals have been carried out in recent months, suspending some surgeries, delaying medical care and costing hospitals millions of dollars.
The Wall Street Journal tracked the most disruptive attacks to one group known as Ryuk, a notorious gang of Eastern European cybercriminals with ties to Russian government security services. It is the most prolific ransomware gang in the world, accounting for one-third of the 203 million U.S. ransomware attacks in 2020, and collecting at least $100 million in paid ransom last year.
The group targets large organizations with deep resources, breaking into their networks and installing malicious software that locks every file on every computer with an encryption key, essentially an uncrackable password. Ryuk routinely extracts six- and seven- figure payments from victims in exchange for revealing the encryption key, according to security companies tracking the group.
Hospitals are attractive targets for their rich data environments and less mature cybersecurity controls compared to other sectors such as financials.
“I don’t think I’ve ever had a conversation with Ryuk that was over a sentence or two,” said Tony Cook, head of threat intelligence at GuidePoint Security. Mr. Cook said he has dealt with Ryuk in 15 ransomware cases, four of them hospitals. “You don’t have a lot of wiggle room with them,” he said.
Read More HERE.