Recently, hospitals and other US healthcare providers report attacks by Ryuk ransomware. BleepingComputer states that while some ransomware operating groups pledged not to attack healthcare providers during the coronavirus outbreak, Ryuk gave no comment. Since then, BleepingComputer’s sources report that Ryuk Ransomware targeted and encrypted a healthcare provider. Worse, this attacked healthcare provider operates in a state heavily affected by the coronavirus.
This report demonstrates a few key principles. First, your business cannot put its faith in the honesty, decency, or empathy of cybercriminals. While perhaps some criminals have something like a sense of propriety, others do not. In fact, the majority are opportunists and malicious actors who do not care about the world. Additionally, many welcome the confusion and chaos stemming from the coronavirus crisis to initiate their attacks.
What does this Ryuk Ransomware wave mean for enterprises? Obviously, healthcare enterprises should take advantage of endpoint security capabilities for their use cases. However, we also collected statements from endpoint security and cybersecurity experts on the Ryuk Ransomware wave.
Here’s what they had to say.
Expert Commentary on Ryuk Ransomware
Mickey Bresman is CEO of Semperis
“While COVID-19 is disrupting many aspects of daily living, it’s not disrupting the work of nation-state hackers and cybercriminals. On the contrary, bad actors are using the crisis to launch new phishing, malware, and other attacks that exploit public concern over the virus. Nothing is off-limits, not even the most vulnerable. Ryuk Ransomware operators continue to target hospitals and shut down the entire IT networks, which delays urgent surgical procedures and undercut COV-19 intervention efforts.”
“As cybersecurity leaders, we are all on the front lines of a new war—one that has virtually no boundaries and does not play by any rules. It is clear that our adversaries aren’t limited to just hacking databases or defacing websites—they can actually put lives in danger. That risk extends beyond the business world to society at large. Ransomware has evolved into a multi-billion-dollar industry, and it is far worse than we know—many victims quietly pay off their attackers without ever notifying the authorities. If you follow the money, it finances illegal narcotics, weapons, terrorism, human trafficking, and child exploitation.”
Salah Nassar is Vice President of Marketing of CipherCloud
“The sudden influx of remote workers due to the coronavirus pandemic has put a strain on every business, including healthcare. As most employees transition to work from home, the number one problem healthcare organizations are struggling with is ensuring healthcare data integrity and HIPAA compliance. IT teams need to get visibility into the data and user activity of remote workers to ensure sensitive data and PII is protected. Now is the time for healthcare organizations to be especially vigilant.”
Colin Bastable is CEO of Lucy Security
“Healthcare is the richest target for hackers, who are never going to let the proverbial crisis go to waste. The pandemic is going to be a big payday for many cybercriminals and state-backed bad actors. Using security awareness training in a holistic, work-centered context, security teams can minimize the risks of successful ransomware attacks by patching people as well as systems. Regular training through simulated, realistic attacks reduces peoples’ vulnerability 10-fold.”
Thanks to the endpoint security experts for their time and expertise. For more information, check out the Endpoint Security Buyer’s Guide.
Latest posts by Ben Canner (see all)
- Key Findings: The Tessian State of Data Loss Prevention 2020 - May 29, 2020
- IoT Security in the Time of the Coronavirus - May 26, 2020
- Sophos State of Ransomware 2020 Report Shows Dangers of Paying - May 22, 2020