A hacking group is targeting US hospital systems with the Ryuk ransomware, according to security researchers.
On Tuesday, the St. Lawrence Health System in New York reported that three hospitals had been hit with the notorious Ryuk strain. On the same day, the Sky Lakes Medical Center in Oregon also came under attack from the ransomware, which can render computer systems completely useless.
Two security firms, Hold Security and FireEye’s Mandiant, now say the cybercriminals behind the attacks are going out of their way to target hundreds of medical providers.
FireEye’s Mandiant group has been tracking the ransomware attacks, and says an Eastern European-based group dubbed “UNC1878” is behind the assaults. “The operators conducting these campaigns have actively targeted hospitals, retirement communities and medical centers, even in the midst of a global health crisis, demonstrating a clear disregard for human life,” Mandiant wrote in a report sent to PCMag.
According to Mandiant, UNC1878 has been targeting the medical providers by sending phishing emails. The messages will feature a Google Docs document that contains a link to a malicious payload disguised as a seemingly legit file.
Impress Computers has rolled out the new ThreatLocker System that had Adds Zero Trust Policy-Driven Security to Your Endpoints.ThreatLocker® uses Application Control techniques such as Ringfencing™ and Application Whitelisting to stop zero-day malware threats.
Customer’s joining the MSP Team at Impress Computers can get Threatlocker included with their Total Protection Managed IT Services Plan
