The NCSC has shared more than 160 instances of high-risk and critical vulnerabilities with the NHS, sharing 51,000 indicators of compromise (IoCs) with the health service. Evidence suggests that cybercriminals are recalibrating their approach, turning to Ryuk, a particularly malicious form of ransomware, to target hospitals and vaccine developers.
Ryuk has been making headlines in the US after crippling various healthcare networks last week. SonicWall’s Q3 Threat Data has identified skyrocketing cases of the Ryuk variant, having seen 67.3 million Ryuk attacks so far this year, up from 5000 in 2019.
Ryuk is especially dangerous because it is targeted, manual and often leveraged via a multi-stage attack preceded by Emotet and TrickBot malware. Therefore, if an organization has Ryuk, it’s a pretty good indication that it\’s infested with several types of malware