Recently, Cardinal Health became aware of an imminent ransomware threat from an aggressive Russian cybercriminal gang preparing to disrupt information technology systems at hundreds of hospitals, clinics and medical care facilities across the United States. This threat is concerning, and we want to make sure you are informed and aware so you can proactively protect your practices and report any suspicious activity you may encounter.
As part of this threat, online communications were identified between cybercriminals affiliated with a Russian-speaking ransomware group known as ‘Ryuk,’ where members discussed plans to deploy ransomware at more than 400 healthcare facilities in the U.S.
Please be on high alert for any suspicious phishing emails:
- That seem strange or out of the ordinary
- That have any links or attachments within the email
- That have a sense of urgency to open links or attachments
Below are links to some additional resources that may be helpful to you:
Joint Cybersecurity Advisory »
Ransomware Guide – September 2020 »
Customer Ransomware Resource Guide »