Security News > 2020 > October > U.S. Hospitals Warned of Imminent Ransomware Attacks From Russia

The U.S. government has warned hospitals and healthcare providers of an "Increased and imminent" ransomware threat, which some experts have attributed to cybercriminals from Eastern Europe.
The organizations say they've received credible information that threat actors are targeting the healthcare sector with the TrickBot malware in attacks that often lead to ransomware infections, data theft and disruption of healthcare services.
"Multiple hospitals have already been significantly impacted by Ryuk ransomware and their networks have been taken offline. UNC1878 is one of most brazen, heartless, and disruptive threat actors I've observed over my career."
While some ransomware operators have decided to avoid targeting healthcare organizations during the COVID-19 pandemic, that does not seem to be the case for Ryuk operators, who, according to what intelligence firm Hold Security told blogger Brian Krebs, have been planning on deploying ransomware at over 400 healthcare facilities in the United States.
According to various local media reports, several hospitals in the United States reported being hit by ransomware over the past days.
News URL
Related news
- US indicts 8Base ransomware operators for Phobos encryption attacks (source)
- RA World Ransomware Attack in South Asia Links to Chinese Espionage Toolset (source)
- Chinese espionage tools deployed in RA World ransomware attack (source)
- Lee Enterprises newspaper disruptions caused by ransomware attack (source)
- Southern Water says Black Basta ransomware attack cost £4.5M in expenses (source)
- Qilin ransomware claims attack at Lee Enterprises, leaks stolen data (source)
- Ransomware gangs exploit Paragon Partition Manager bug in BYOVD attacks (source)
- Hackers Exploit Paragon Partition Manager Driver Vulnerability in Ransomware Attacks (source)
- Hunters International ransomware claims attack on Tata Technologies (source)
- Toronto Zoo shares update on last year's ransomware attack (source)