Universal Health Services Hit by Nationwide Ryuk Ransomware Attack
Universal Health Services (UHS) has been struck by a widespread ransomware attack. Employees reported that computers all over the network started shutting Themselves down around 2:00 AM Sunday morning. All UHS facilities in the United States are impacted by the cyber attack in what appears to be Ryuk ransomware.
It was reported that UHS staff had to resort to recording information on paper as all computers are unusable.
Ryuk ransomware seems to be the culprit behind the United Health ransomware attack (UHS) stock. Although no screenshots of infected computers are available yet, an employee said that computer file extensions were re-named t .ryk – which is the mark of Ryuk ransomware. Ryuk ransomware often infects computers through Remote Desktop (RDP) access and macro-enabled DOCX and PDF files.
Ryuk Ransomware is notorious for its high-ransom price tags which are scaled proportionally according to the company’s ability to pay.
READ: US Coast Guard Says Port Attacked by Ryuk Ransomware
One employee’s account of the ransomware attack said that “When the attack happened multiple antivirus programs were disabled by the attack and hard drives just lit up with activity. After 1 min or so of this the computers logged out and shutdown. When you try to power back on the computers they automatically just shutdown.” Similar malicious activity was reported by staff I facilities in North Dakota and or Arizona.
This attack began on a Sunday. It’s common for malware and ransomware attacks to begin over the weekend. Hackers commonly choose to launch attacks on non-business days because they’re hoping that there is not as much IT staff working on the weekends.
Ryuk Ransomware Cyber Attacks
In December of last year, the United States Coast Guard reported cyber tag at an unnamed Maritime Transportation Security Act regulated facility. Ryuk Ransomware was behind the attack . The marine facility was shut down for over 30 hours
Ryuk ransomware is it different from other types of ransomwares. The attackers behind this Ryuk generally scale the demand amount depending on the company’s perceived ability to pay. It is estimated that Ryuk ransomware attacks have noted about $4 million USD.
Universal Health Services Hospitals
Universal Health Services (UHS) is a Fortune 500 hospital and healthcare services provider with 400 facilities across the United States and the United Kingdom. Most of its locations are in the States. UHS has over 90,000 employees and serves about 3.5 million patients each year.
Universal Health Services posted a statement on their website saying “The IT Network across Universal Health Services (UHS) facilities is currently offline, due to an IT security issue.”
READ: What is Ryuk Ransomware?
What is Ransomware?
Ransomware is a type of malware that infects a computer and encrypts files , directories, or the entire machine. Ransomware can also infect entire IT networks and can disable all computers connected to the same network.
Ransomware attackers demand a cash payment to release control of a compromised computers. Before they lock up a computer the hackers may steal sensitive information from the network. They often post portions of the stolen data online to pressure the victim into paying their ransom.
UHS said in their statement that, “No patient or employee data appears to have been accessed, copied or misused.” However, the incident is still happening and the investigation ongoing.