In a joint statement, the U.S. government is warning the healthcare industry that a hacking group is actively targeting hospitals and healthcare providers in Ryuk ransomware attacks. Ryuk attacks usually start with a phishing campaign that installs the Bazar loader/KegTap infection on a recipient’s computer. In the past two days, Sky Lakes Medical Center in Oregon and St. Lawrence Health System in New York were both hit in the Ryuk ransom attacks that impact the treatment of patients. UNC1878, an Eastern European financially motivated threat actor, is behind the attacks.
Source: https://www.bleepingcomputer.com/news/security/hacking-group-is-targeting-us-hospitals-with-ryuk-ransomware/