AHA Center for Health Innovation Market Scan
FBI Alert TLP White: Indicators of Compromise Associated with Ryuk Ransomware
May 2, 2019
Unknown cybercriminals have targeted more than 100 US and international businesses with Ryuk ransomware since approximately August 2018. Ryuk encrypts files on network shares and an infected computer’s filesystem. Once the victim has been compromised, the actors encrypt all the network’s files and demand sums of up to $5 million worth of Bitcoin (BTC) in exchange for a decryptor program. Ryuk’s targets are varied and indiscriminate, but attacks focus on organizations with high annual revenues in hopes of extracting larger ransoms from the victims. While Ryuk is generally undiscerning about victims, attacks have had a disproportionate impact on logistics companies, technology companies, and small municipalities.
Key Resources
Related Resources
Special Bulletin
AHA Center for Health Innovation Market Scan