Ryuk Ransomware Keeps Targeting Hospitals During the Pandemic
The operators behind Ryuk Ransomware continue to target hospitals amid the recent pandemic, even as organizations are overwhelmed by the number of cases and insufficient medical gear and technology. Last week, BleepingComputer reached out to various ransomware groups and asked if they would continue to target the medical industry, including private healthcare organizations during the pandemic. Of the seven operators contacted, only two, Maze and DoppelPaymer, responded that they plan to cease targeting hospitals during the health crisis.
Maze operators have released data previously stolen from a drug testing company that was encrypted by the group before stating that they would stop targeting healthcare. However, Maze continues to uphold that they will not conduct any more campaigns that encrypt hospitals or other healthcare organizations. Ryuk operators never responded, and since BleepingComputer reached out they have continued to target hospitals that are critical to the livelihood of COVID-19 patients. This morning, a US health care provider was attacked and encrypted overnight by Ryuk.