Universal Health Services (UHS), one of America's largest healthcare providers, has been hit by an alleged ransomware attack.
The company's IT networks have been taken offline by what is thought to be another case of Ryuk ransomware.
The most popular ransomware strains targeting UK businesses Selective ransomware Ryuk nets $4m from big businesses Spanish Ryuk ransomware attack hints at new WannaCry
Despite being relatively new, Ryuk has quickly built a fearsome reputation for attacks on enterprise-level businesses. It is ransomware that uses encryption to block access to a system until a ransom is paid.
This strain of malware hit UHS systems on Sunday, according to reports, shutting down its IT networks and forcing its workers to use "offline documentation". UHS provides healthcare for profit at some 400 hospitals and facilities across the US and in the UK.
"The IT network across Universal Health Services facilities is currently offline due to an IT security issue," the organisation said in a statement. "We implement extensive IT security protocols and are working diligently with our IT security partners to restore operations as quickly as possible."
One hospital worker told TechCrunch that their computer screen changed with text that referenced the "shadow universe", which is often the case with Ryuk ransomware attacks.
"Everyone was told to turn off all the computers and not to turn them on again," the unnamed person said. "We were told it will be days before the computers are up again."
It is not immediately known what effect the attack is having on patient care, or how widespread the infection is, but UHS has said that "no patient or employee data appears to have been accessed, copied or otherwise compromised".
Although the exact origin of Ryuk is unknown, it has been linked to a Russian cyber crime group called WizardSpider, which are known to go "big game hunting" - meaning they target larger organisations.
A number of Spanish organisations were hit by the ransomware earlier in the year, and there are fears it could lead to 'WannaCry' levels of disruption.
-
Hackers breached a 158 year old company by guessing an employee password – experts say it’s a ‘pertinent reminder’ of the devastating impact of cyber crimeNews A Panorama documentary exposed hackers' techniques and talked to the teams trying to tackle them
-
The ransomware boom shows no signs of letting up – and these groups are causing the most chaosNews Thousands of ransomware cases have already been posted on the dark web this year
-
Everything we know about the Ingram Micro cyber attack so farNews A cyber attack on Ingram Micro severely disrupted operations and has been claimed by the SafePay ransomware group.
-
A prolific ransomware group says it’s shutting down and giving out free decryption keys to victims – but cyber experts warn it's not exactly a 'gesture of goodwill'
News The Hunters International ransomware group is rebranding and switching tactics
-
Swiss government data published following supply chain attack – here’s what we know about the culpritsNews Radix, a non-profit organization in the health promotion sector, supplies a number of federal offices, whose data has apparently been accessed.
-
Ransomware victims are getting better at haggling with hackersNews While nearly half of companies paid a ransom to get their data back last year, victims are taking an increasingly hard line with hackers to strike fair deals.
-
LockBit data dump reveals a treasure trove of intel on the notorious hacker groupNews An analysis of May's SQL database dump shows how much LockBit was really making
-
‘I take pleasure in thinking I can rid society of at least some of them’: A cyber vigilante is dumping information on notorious ransomware criminals – and security experts say police will be keeping close tabsNews An anonymous whistleblower has released large amounts of data allegedly linked to the ransomware gangs
