A Ryuk ransomware attack launched by Russian hackers targeting Virtual Care Provider Inc. resulting in 110 hospitals being unable to access medical records.
Cloud hosting company Virtual Care Provider is attacked by a Ryuk ransomware and up to 20% of its servers were affected by the attack. Almost 110 nursing homes and acute-care facilities in over 45 staters are working with Virtual Care Provider. The company is now under ransomware attacks and hackers could take control of the servers and demanding $14 million in bitcoin in exchange for the data.
Similar to SamSam virus
Ryuk has some similarities to the SamSam virus. U.S. Department of Health and Human Services Healthcare Cybersecurity Communications and Integration Center explained Ryuk is designed especially for targeted attacks with its encryption functionality. HIMSS Director of Privacy and Security Lee Kim in the September/October 2019 HIMSS Healthcare and Cross-Sector Cybersecurity Report:
“Ransomware attacks are still alive and well. hile the volume of ransomware attacks have decreased, these attacks have become more targeted and profitable. Prioritizing servers that provide Active Directory access, email, eMAR, and EHR applications. We will be communicating status updates often and transparently, and, in preparation for service restoration, recommending to you the most efficient manner for your users to regain authenticated access.”