Security Primer – Ryuk

Center for Internet Security logo

Ryuk is one of the most prevalent ransomware variants in the state, local, tribal, and territorial (SLTT) government threat landscape, with infections doubling from the second to the third quarter in 2019. Ransomware infections continue to increase in tandem with overall impact and monetary demands. Furthermore, Ryuk’s ability to delete shadow copies and backups makes Ryuk extremely costly and almost impossible to remediate. For instance, Ryuk operators demanded nearly $600,000 from one SLTT government after successfully encrypting nearly all files on the network.

Click here for the full article