An employee of Wycoff has stated that the hospital suffered a Ryuk ransomware attack during October 2020. Wyckoff Heights Medical Center is a 350-bed teaching hospital located in Brooklyn, NY. To prevent the spread of the attack to other devices, it is indicated that Wyckoff Hospital shut down portions of their network. However, by this stage it was too late, and many of the devices had been encrypted.
It has also been reported today that the University of Vermont Health Network had suffered a cyberattack affecting all the hospitals in their network to varying degrees.
These events follow earlier warnings from Federal agencies, who have cautioned that cybercriminals could unleash a wave of data-scrambling extortion attempts against the U.S. health care system. The increasing use of smart medical equipment and mobile devices is making healthcare organizations more susceptible to ransomware and other types of malware.
Commenting on these recent attacks is Sanjay Jagad, Sr. Director Products and Solutions, Cloudian.
Jagad tells Digital Journal how the “ransomware malware is proving to be an especially devastating weapon against healthcare organizations this year, and the Wyckoff Heights Medical Center and the University of Vermont Health Network are the latest victims to be impacted.”
In terms of how the malicious software works, Jagad explains: “Ryuk allows malicious actors to delete all backup files, preventing victims from recovering encrypted files without the decryption program. An attack this thorough emphasizes the need for defense at the storage layer using immutable backup copies. This feature, called Object Lock, renders backup data copies unchangeable for a set period of time, which prevents hacker encryption or deletion and ensures a clean data copy for reliable recovery.”
Ryuk is specifically used to target enterprise environments. Traditionally this has meant financial institutions; now healthcare appears firmly insight.