Ryuk Ransomware Function Spreads Across Networks Quickly. In terms of ransoms paid, Ryuk is the most successful ransomware strain in use today, having netted an estimated $150 million for the group behind the malicious code.
According to a recent report published by France’s national cybersecurity agency, Ryuk Ransomware just got even more dangerous.
Ryuk Ransomware use has historically been preferentially against hospitals and companies closely related to the healthcare industry, especially malicious during the ongoing pandemic. With Ryuk Ransomware’s newly discovered capabilities, hospitals around the world are in even more danger.
French IT security professionals discovered a new Ryuk Ransomware module added to the core code. It gives the malware worm-like capabilities that enable it to self-replicate across any machine on the same network as an infected device. This allows the latest version of Ryuk Ransomware function to spread like wildfire across any network the ransomware can infect at a single point, making it virtually impossible to stop once it gains a foothold.
A Silver Lining
If there’s a silver lining, it is in the fact that hospitals are significantly better at ensuring their backups are robust and at regular intervals. Even so, if a hospital network is down because of encryption of the computer files, it can put lives at risk in a way that a manufacturing plant or companies in the financial sector simply don’t. That makes the risks and the stakes even higher.
In most cases, the initial Ryuk Ransomware infection comes about when hackers control it and take advantage of unpatched system vulnerabilities. This is perhaps another silver lining because that, at least, is something IT managers can control. The lesson here is simple: If you stay current where installing patches and security updates are concerned, you’re less likely to fall victim to a Ryuk Ransomware attack. It’s not perfect protection, but anything easy and inexpensive to do that reduces your risk is well worth doing. The question then is simply this: Is your network running all the latest security patches? If you’re not sure, make finding out a priority.
