You may have heard that employees of the City of New Orleans were alarmed a few weeks ago by a booming voice on the overhead speaker system of City Hall. The voice was notifying them to unplug and disconnect all devices, including cell phones. The City later discovered it had suffered a ransomware attack, becoming one of many recent victims of Ryuk. 

AdobeStock_99956429-1

We have identified Ryuk as a “high severity” ransomware variant due to the frequency and impact of attacks. The CISA recently shared a Ryuk advisory (originally published by the NCSC) which stated:

The Ryuk ransomware is often not observed until a period of time after the initial infection – ranging from days to months – which allows the actor time to carry out reconnaissance inside an infected network, identifying and targeting critical network systems and therefore maximizing the impact of the attack.

In addition to the City of New Orleans, Ryuk has recently seized the operations of urgent care solutions providers, hospitals, local governments and municipalities, and security firms across the globe.

When we developed Threat Runner, we resolved to continually update the product with the latest ransomware variants. We are excited to share that RYUK IS NOW AVAILABLE for simulation with Threat Runner. With this simulation, your organization can see the true impact of a Ryuk attack on your network before it happens – let’s talk about 2020 vision.

If you’re interested in simulating Ryuk with Threat Runner, click here.

If you have questions about Threat Runner or would like to discuss the Ryuk simulation with one of our Threat Runner representatives, send us an email here.

COMMENTS

THIS POST WAS WRITTEN BY Kendall Blaylock

Kendall serves as the director of cyber intelligence for HORNE Cyber where his specialty is digital forensics and incident response.