According to reports, a Ryuk ransomware attack has affected Universal Health Services (UHS) healthcare providers, prompting them to shut down systems at healthcare facilities in the United States.
The cyber-attack occurred on Sunday morning; some patients have been redirected to other neighboring hospitals since the UHS facilities were unable to operate.
Universal Health Services (UHS), an American Fortune 500 company, provides hospital and healthcare services throughout the US and the UK; its annual revenues were $11.37 billion in 2019, and has more than 90,000 employees.
As per reports from UHS’ employees, systems at some of the UHS hospitals in the US rebooted began showing a ransom note. Responding to the incident, the IT staff closed down its systems to prevent the proliferation of the threat.
“I was sitting at my computer charting when all of this started. It was surreal and definitely seemed to propagate over the network. All machines in my department are Dell Win10 boxes.” reads one of the reports shared online.
“When the attack happened multiple antivirus programs were disabled by the attack and hard drives just lit up with activity. After 1min or so of this the computers logged out and shutdown. When you try to power back on the computers they automatically just shutdown. We have no access to anything computer based including old labs, ekg’s, or radiology studies. We have no access to our PACS radiology system.”
Some reports circulating online disclose that the ransomware added the “.ryk” extension to the filenames of encoded documents, a situation that confirms a Ryuk ransomware infection.