Ryuk Ransomware Attack Cost UHS $67M in Lost Revenue
The attack affected 400 UHS care sites and caused three weeks of EHR downtime in September, costing the health system $67 million in recovery costs and lost revenue.
According to a recent UHS earnings report, the Ryuk ransomware attack from last September resulted in about $67 million in lost operating income, labor expenses, and overall recovery costs.
The incident, which came amidst a wave of suspected Ryuk attacks at the computer networks of multiple U.S. hospitals, was widely reported to be a ransomware attack, with some cybersecurity analysts saying it involved the Ryuk strain of malicious code. To this day, no evidence of unauthorized access, leaking, or misuse of any patient or employee data was discovered.
As one of the biggest American health care providers, UHS notes that the cost of the security breach included lost revenue as their ambulances were taken over by competitor services. What’s more, as noted in an earnings statement, this attack postponed billing procedures for over two months and pressured UHS to splash out on labor costs to restore connectivity. UHS managed to restore most affected systems and hospital operations systems during late-October.
Heimdal® Threat Prevention - Network
- No need to deploy it on your endpoints;
- Protects any entry point into the organization, including BYODs;
- Stops even hidden threats using AI and your network traffic log;
- Complete DNS, HTTP and HTTPs protection, HIPS and HIDS;
According to a 2020 IBM report, security breaches generally cost health care companies on average over $7 million per attack. During the COVID-19 pandemic, a chain of ransomware attacks has only put more pressure on a sector already dealing with a lack of security personnel. On February 25th, Secretary of Homeland Security Alejandro Mayorkas has promised more government resources to fight ransomware; more exactly, $25 million in federal support for state and local cybersecurity efforts.
Ransomware is not new. It has been around for years. What is new are attackers’ methods, ability to make money, and the increased frequency of attacks. Tackling it will require partnership with state, local, tribal, and territorial governments and private sector entities.
After reporting over $3 billion in revenue in the fourth quarter, UHS suggested its insurance provider would cover a significant slew of the losses.
During the third quarter of 2020, Ryuk attackers have been observed hitting roughly 20 companies every week, and, starting with November 2020, they have conducted a series of attacks on the US healthcare system. Recently, French cybersecurity agency ANSSI discovered that a new variant of Ryuk ransomware is now spreading independently in networks and is more dangerous than ever.