Ryuk ransomware is continuing to target hospitals and other medical providers during the global coronavirus pandemic despite some cybercriminals encouraging others to refrain from doing so.

According to data released March 26 by Bleeping Computer, Ryuk in the last month has targeted 10 health organizations, including two independent hospitals and another healthcare provider with a network of nine hospitals in the U.S. Infosecurity analyst PeterM said separately on Twitter that he was looking at the U.S. healthcare provider that had been targeted by Ryuk in the last week.

Ryuk was originally believed to be North Korean, but a report in January 2019 tied the ransomware to a Russian crime syndicate. It has been used in high-profile attacks such as one on Florida cities in June and a North Carolina water utility in October 2018. It was most recently in the news following an attack on Mexican state-owned petroleum company Petróleos Mexicanos in November and the U.S. Coast Guard in January.

The new Ryuk attacks are not the only form of ransomware attack seen during the pandemic. A health service district in Illinois and a hospital in the Czech Republic were targeted with ransomware earlier this month.

“Healthcare is the richest target for hackers, who are never going to let the proverbial crisis go to waste,” Colin Bastable, chief executive officer of security awareness training firm Lucy Security AG, told SiliconANGLE. “The pandemic is going to be a big payday for many cybercriminals and state-backed bad actors.”

Using security awareness training, security teams can minimize the risks of successful ransomware attacks by “patching people” as well as systems, Bastable added. “Regular training through simulated, realistic attacks reduces people’s vulnerability tenfold,” he said.

Salah Nassar, vice president of marketing at cloud security company CipherCloud Inc., noted that the sudden influx of remote workers during the coronavirus pandemic has put a strain on every business, including healthcare.

“As most employees transition to work from home, the No. 1 problem healthcare organizations are struggling with is ensuring healthcare data integrity and HIPAA compliance,” Nassar said. “IT teams need to get visibility into the data and user activity of remote workers to ensure sensitive data and PII is protected. Now is the time for healthcare organizations to be especially vigilant. ”

Free help is at hand for hospitals that are targeted by ransomware attacks during the pandemic. Cybersecurity firm Emsisoft along with incident response company Coveware Inc. announced March 18 that they were offering free assistance to hospitals and other healthcare providers that are targeted with ransomware attacks. A similar initiative was launched by a group of U.K. cybersecurity companies March 16.

Photo: Unsplash