HHS Releases Update on Ryuk Ransomware Threat

By Melanie Blackman

The Department of Health and Human Services’ (HHS) Office of the Assistant Secretary for Preparedness & Response has issued updates regarding the Ryuk ransomware threat that has threatened the healthcare and public sectors since 2018.

The Department also shared ransomware insights and protection recommendations from the Cybersecurity & Infrastructure Security Agency (CISA).

“The hospital field faces a COVID-induced ‘cyber triple threat,’ ” said John Riggi, senior advisor for cybersecurity and risk for the American Hospital Association, in a statement.

Riggi outlined the threats:

  1. A rapid expansion of the ‘attack surface’ because of increased remote and network-connected technologies
  2. A rise in cyberattacks by criminals who are taking advantage of the expanded attack surface
  3. Reduced revenue for hospitals and health systems to bolster cyber defenses

“Cyber criminals have increasingly targeted healthcare facilities during the COVID-19 pandemic, and this attack underscores why cybersecurity will continue to be a top priority for the healthcare field during a time when our health information systems are becoming more interconnected.

“We are most concerned with ransomware attacks that have the potential to disrupt patient care operations and risk patient safety. We believe any cyberattack against a hospital or health system is a threat-to-life crime and should be responded to and pursued as such by the government,” Riggi said.

One health system that was recently attacked was Universal Health Services, Inc. UHS had to temporarily shut down user access to IT applications due to a malware cyberattack last weekend. BleepingComputer has reported the attack was done by the Ryuk ransomware, but UHS has not yet confirmed the source of the attack.

UHS says it is continuing to “safely and effectively” serve patients through “offline documentation methods.” Currently, the health system says there is no evidence that patient or employee data was compromised during the cyberattack.

Melanie Blackman is the strategy editor at HealthLeaders, a Simplify Compliance brand.

More Like This