Ryuk is the #1 most successful malware

In terms of ransoms paid, Ryuk is the most successful strain of ransomware in use today, having netted an estimated $150 million for the group behind the malicious code.

According to a recent report published by France's national cybersecurity agency (ANSSI), it just got even more dangerous.

Ryuk has historically been used preferentially against hospitals and companies closely related to the healthcare industry, which is especially malicious during the ongoing pandemic. With its newly discovered capabilities, hospitals around the world are in even more danger.


New capability allows Ryuk to replicate like wildfire

French IT security professionals discovered a new module added to the core code. It gives the malware worm-like capabilities that enable it to self-replicate across any machine on the same network as an infected device. This allows the latest version of Ryuk to spread like wildfire across any network it can infect at a single point, making it virtually impossible to stop once it gains a foothold.

If there's a silver lining, it lies in the fact that hospitals have gotten significantly better at ensuring their backups are robust and taken at regular intervals. Even so, if a hospital network gets shut down because most of the computers on it have their files encrypted, it can put lives at risk in a way that a manufacturing plant or companies in the financial sector simply don't. That makes the risks, and the stakes, even higher.


My perspective

In a majority of cases, the initial Ryuk infection comes about when the hackers controlling it take advantage of unpatched system vulnerabilities. This is perhaps another silver lining, because that, at least, is something IT managers can control (even if many of these managers have proven ineffectual). The lesson here is simple: If you stay current where installing patches and security updates are concerned, you're less likely to fall victim to a Ryuk attack. It's not perfect protection, obviously, but anything that's easy and inexpensive to do that reduces your risk is well worth doing. The question then, is simply this: Is your network running all the latest security patches? If you're not sure, make finding out a priority.


~ As Hill Street Blues' Sgt. Esterhaus always advised: "Hey, let's be careful out there!" ~


By Denis Wilson

Cybersecurity Expert, Small Business Technology Consultant, Managed Services Provider, Managed IT Support

Thanks for reading this short post. For more tips on thriving with small business technology, check out the other blog posts at DWPIA Blogs. You can also find me on LinkedIn, Facebook, and Twitter

I am also a published author and speaker on cloud computing, work@home, and cybersecurity. I work extensively with business and professional associations to provide small business technology education programs.


Contact me if you would like me to speak to your association