According to a recent UHS earnings report, the Ryuk ransomware attack from last September resulted in about $67 million in lost operating income, labor expenses, and overall recovery costs.

The incident, which came amidst a wave of suspected Ryuk attacks at the computer networks of multiple U.S. hospitals, was widely reported to be a ransomware attack, with some cybersecurity analysts saying it involved the Ryuk strain of malicious code. To this day, no evidence of unauthorized access, leaking, or misuse of any patient or employee data was discovered.

As one of the biggest American health care providers, UHS notes that the cost of the security breach included lost revenue as their ambulances were taken over by competitor services. What’s more, as noted in an earnings statement, this attack postponed billing procedures for over two months and pressured UHS to splash out on labor costs to restore connectivity. UHS managed to restore most affected systems and hospital operations systems during late-October.

Heimdal Official Logo
Your perimeter network is vulnerable to sophisticated attacks.

Heimdal® Network DNS Security

Is the next-generation network protection and response solution that will keep your systems safe.
  • No need to deploy it on your endpoints;
  • Protects any entry point into the organization, including BYODs;
  • Stops even hidden threats using AI and your network traffic log;
  • Complete DNS, HTTP and HTTPs protection, HIPS and HIDS;
Try it for FREE today 30-day Free Trial. Offer valid only for companies.

According to a 2020 IBM report, security breaches generally cost health care companies on average over $7 million per attack. During the COVID-19 pandemic, a chain of ransomware attacks has only put more pressure on a sector already dealing with a lack of security personnel. On February 25th, Secretary of Homeland Security Alejandro Mayorkas has promised more government resources to fight ransomware; more exactly, $25 million in federal support for state and local cybersecurity efforts.

Ransomware is not new. It has been around for years. What is new are attackers’ methods, ability to make money, and the increased frequency of attacks. Tackling it will require partnership with state, local, tribal, and territorial governments and private sector entities.


After reporting over $3 billion in revenue in the fourth quarter, UHS suggested its insurance provider would cover a significant slew of the losses.

During the third quarter of 2020, Ryuk attackers have been observed hitting roughly 20 companies every week, and, starting with November 2020, they have conducted a series of attacks on the US healthcare system. Recently, French cybersecurity agency ANSSI discovered that a new variant of Ryuk ransomware is now spreading independently in networks and is more dangerous than ever.

Ryuk Ransomware: Origins, Operation Mode, Mitigation

Ryuk Ransomware Now Self-Spreads to Other Windows LAN Devices

Leave a Reply

Your email address will not be published. Required fields are marked *