Nursing homes across the US are under attack from hackers, who are demanding millions in Bitcoin in exchange for ransomed patient data.
A new ransomware strain known as Ryuk, which was first reported in mid-2018, has taken ahold of computer systems belonging to Wisconsin-based IT firm Virtual Care Provider Inc. (VCPI), according to cybersecurity researcher Brian Krebs. The company provides cloud data services to various clients, including roughly 110 nursing homes, which currently cannot gain access to their patients’ data unless a $14 million Bitcoin ransom is paid.
“We’ve got some facilities where the nurses can’t get the drugs updated and the orders put in so the drugs can arrive on time,” VCPI CEO Karen Christianson told Krebs. “We have this one small assisted living place that is just a single unit that connects to billing, and if they don’t get their billing into Medicaid by December 5, they close their doors,” she said.
According to Christianson, the company cannot afford to pay the BTC ransom.
The Ryuk ransomware works through email phishing campaigns in which computers are infected with a unique form of malware known as a Trickbot. This gives hackers control of the devices. They can then select their targets and encrypt their target’s data, demanding large ransoms, often in cryptocurrencies such as Bitcoin, in exchange for access.
Earlier this year, Ryuk ransomware was used to attack several businesses and government institutions across Canada. Cybersecurity lawyer Imrad Ahmad explained to IT World Canada last October that Ryuk was particularly hazardous in that it wasn’t just created to lock up a target’s computer, but to steal important data as well. And last July, court within the US state of Georgia all fell victim to Ryuk attacks, according to Ars Technica.