A notorious cybercriminal gang that has siphoned tens of millions of dollars in ransomware attacks to date is now unabashedly targeting U.S. hospitals, according to an article in The Wall Street Journal.
The Eastern European group, which may have ties to the Russian government and is called Ryuk after the software it uses, has targeted multiple industries in recent years and made a practice of collecting its ransoms in cryptocurrency.
In an email to CoinDesk, the bitcoin analytics firm Chainalysis said Ryuk, which has also gone by the name “Business Club,” collected over $100 million in cryptocurrency ransoms last year. “This is only based on ransomware payments that we can confirm, so these are lower-bound estimates based on what we know,” the company said.
Ryuk has struck 235 U.S. hospital facilities, according to the Journal, disrupting medical care and endangering patients. The group has also targeted in-patient psychiatric facilities.
Cryptocurrency isn’t the main reason in ransomware’s increasing popularity but it is becoming a major player in this type of malware’s spread, according to CoinDesk’s Nikhilesh De.
Sooner rather than later, De wrote, the industry is going to have to reckon with the issue.
Indeed, multiple ransomware attacks demanding bitcoin for payment have been carried out in the previous month, with Colonial Pipeline succumbing on May 14 and paying out millions and JBS, the world’s largest meat producer following suit two weeks later on May 30.