Ryuk Ransomware Hackers Demand $14 Million BTC Ransom to Unlock 80,000 PCs In 110 Nursing Homes
Hackers are claiming a ransom of $14 million in Bitcoin after hacking about 80,000 computers in 110 nursing homes in the U.S. The affected nursing homes are clients of Virtual Care Provider Inc. that hosts all their computer data. The company confirmed that the hackers encrypted all the data it holds for its customers using the Ryuk ransomware. The attack leaves the lives of patients and the elderly across forty-five states at risk.
Hackers have been using the dreadful malware, Ryuk ransomware, to attack high-value targets like government organizations and health facilities all year. The malware infects computers with a Trojan called Trickbot that is sent through email phishing. The notorious hackers encrypt critical data and then demand ransom in Bitcoin to unlock the computer systems.
According to Karen Christianson, an executive at Virtual Care Provider Inc., the attack has halted almost all its services from email, billing, internet access, and retrieval of client records. If the ransom is not paid to the hackers, the care facilities might be forced to close down since they cannot dispense their services under the current situation. Christianson told KrebsOnSecurity in an interview;
“Nurses cannot keep track of drug updates for timely orders in some facilities while in others, the billing process has been halted, and if the situation is not saved by December 5, these facilities might be forced to close,”
“Old folks that have no families to go to after the nursing homes are closed are confused. Clients are on our neck, demanding for their data.”
The hackers are also holding the company’s payroll systems for ransom as well, and employees are enquiring about when they will receive their pay. Christianson, however, told the media that VCPI is currently concerned with more pressing issues like getting the medical files back online soonest possible.
Attacks of this nature have always been preventable until the deployment of the deadly Ryuk ransomware. Hold Security, a cyber intelligence company has told KrebsOnSecurity that VCPI’S systems may have been invaded in September last year even though the attack was launched on November 15, 2019.
According to a report released by Hard Ford in October, a number of hospitals across the U.S have paid Ryuk masterminds ransoms for them to have their critical data files restored by the hackers. VCPI’S Chief Executive Officer has sworn to expose everything that has transpired publicly after containing the situation.
It was established in January this year that the hackers were able to raise $3.7 million using the Ryuk ransomware in a period of only five months. This amount has definitely skyrocketed by now as the masterminds of the malware get more aggressive.