Ryuk Ransomware Attacks and What You Need to Know

Law Enforcement and other Governmental Agencies all over Georgia recently received a shocking warning in regards to what is being characterized as a targeted and organized series of Malware attacks. Shortly after this warning was released, over 20 Texas agencies were crippled.

Ryuk Ransomware attacks are targeting Law Enforcement and Government Agencies in an attempt to gain monetarily. The attacks will cripple operations within these agencies and in order to access encrypted data and files, attackers will insist on a very expensive ransom, likely hundreds of thousands of dollars. According to the Georgia Bureau of Investigation, these attacks are suspected to have originated from North Korea, bringing an entirely new complexion to the ongoing “war” against Malware.

Ryuk can get in two ways; email phishing attacks and unprotected remote desktop ports (RDP). What makes Ryuk so dangerous is that it can be difficult to prevent because it is “bespoke” meaning that it is modified and can be tailor made for a specific target. It spreads slowly and strategically as it is manually spread from within the network by the hackers once they have entered. It is crucial for the health and protection of your agency that preventative actions are taken and that staff and personnel are aware of and educated on Ryuk Malware Attacks. Two major risks that come with Ryuk Malware attacks are the potential disabling of 911 dispatch as well as the crippling of law enforcement missions. Both of these scenarios have played out in previous ransomware attacks in Georgia.

We want to be sure you are best suited in your defense plans to protect against Ryuk. Liberty is using a layered approach to act defensively against Ryuk Malware. Our approach consists of DNS/Cloud Security, Network Security, Endpoint Security, and leveraging tools that learn machines allowing for detection of abnormal network behavior. In addition to these steps, we take it a step further to train our client’s users. It is important that users know how to spot abnormal or suspicious activity and what best practices to use so that they, themselves, can become, as we like to call it, human malware detectors. For example, just by itself, control over incoming email can minimize the success of those attacks. Without putting those best practices in place, all the malware protection tools in the world will not hold up against careless end-user mistakes.

Below we have listed some additional steps that you should take now in your efforts to prevent against Ryuk:

  • Disable Remote Desktop on every computer on your network.
  • Where you can’t remove RDP, replace it with a third-party version that is secure and that can provide two-factor authentication.
  • Require two-factor authentication for any changes to your network devices, including your servers and to your clients. The second factor should be a physical smart card or USB key, not an SMS text message.
  • Impose a password management policy on your network, including a requirement that all passwords be changed immediately. At this point, any passwords that have been in use for a while will have been compromised, so implement a policy that requires new passwords immediately, sets requirements for password age and doesn’t allow password reuse.
  • Make sure your backups don’t use disk letters or any other method that allows access through the operating system. Backups must be managed by backup software that creates protected backups that cannot be otherwise accessed from the network.
  • Make sure you test the ability to recover your files to confirm that you really have a backup you can use. Then store those backups off-site in a cloud location or potentially in a physical vault.

These proper steps were recommended by an article from eWeek that you can find here.

We want you to be as prepared as possible in your security plans to defend against Ryuk. Contact us at for more info on Ryuk Ransomware and how to protect your organization against it.

Back Next

Recent Blogs

The Liberty Tech Difference: Data Security

The best way to get hacked is to think you won’t be. Liberty Technology offers the most comprehensive security package available, powered by Cisco’s Advanced Security Architecture. Your business data needs to be protected, and the best defense against today’s advanced security threats is a good offense–one that outsmarts emerging threats while they’re still just […]
Aug 29th, 2019 | by libertytechadmin

Is Your Network as Optimized as It Should Be?

Modern businesses and offices need optimized networks to be successful. Being able to plug in from anywhere in the world and having a secure, fast, and effective network adds efficiency to your business. Regardless of whether you are a hybrid, traditional, or remote office, your network optimization matters. But What Exactly Does Network Optimization Mean? […]
Aug 29th, 2019 | by Ben Johnson

8 Steps To Take During A Ransomware Attack

You’re just sitting at your desk, working hard, minding your own business when bam! An alarming red background takes over your screen. A message written in a threatening font tells you all your files are locked and demands you pay a hefty ransom in cryptocurrency, or your files are gone forever. Because your attackers were […]
Aug 29th, 2019 | by Ben Johnson

The Ultimate Guide to VCIOs

A VCIO, or Virtual Chief Information Officer, can be an invaluable asset to your business. But what is a VCIO, and why do you need one? This blog post will discuss the benefits of having a VCIO and how to choose the right one for your business.    What is a VCIO? A vCIO is […]
Aug 29th, 2019 | by Ben Johnson

Protect Your Data

Your data is one of the most important assets of your business. It is what allows you to keep track of your customers, sales, and operations. However, if this data falls into the wrong hands, it can irreparably harm your business. That’s why it’s so important to protect your data from unauthorized access and theft. […]
Aug 29th, 2019 | by Ben Johnson

How to Take Advantage of Section 179 Tax Code

You’ve most likely put off upgrading your IT infrastructure for too long, but thanks to a special IRS tax code, now might be the perfect time to do so. Small businesses can take advantage of Section 179 of the tax code to deduct operating expenses, like your IT infrastructure. If you are looking for ways […]
Aug 29th, 2019 | by Ben Johnson

Why It Security Is Important For Business

While Liberty Technology provides IT disaster recovery and stands ready to assist you in a moment of crisis, we hope that day never comes. Taking preventative measures can drastically increase the probability that it never will. Don’t think you need the top of the line in IT security or worried it costs too much money? […]
Aug 29th, 2019 | by Ben Johnson

How To Manage A Hybrid Workplace

Working remotely was not just a temporary effect of the COVID-19 pandemic. In fact, it’s not going anywhere. Many businesses are making permanent shifts to full-time remote or hybrid models. If your business has taken this route, have you considered how that will affect data security? Your current security measures and policies are based on […]
Aug 29th, 2019 | by Charles Goodsell

Why Your Company Needs An IT Assessment

How do you feel about your company’s data security? If a hacker tried to steal your data, would they succeed? Would such an occurrence catch you completely off guard and throw your organization into disarray? Would you look back and wonder what you could have done differently to prevent it? The truth is, there is […]
Aug 29th, 2019 | by Charles Goodsell

Having trouble staffing your Internal IT?

In the post-pandemic economy, many small business owners are having trouble getting back to “business as usual.” A big part of that challenge has been attracting talent. According to National Federation of Independent Businesses (NFIB) Chief Economist Bill Dunkelberg, “Main Street is doing better as state and local restrictions are eased, but finding qualified labour […]
Aug 29th, 2019 | by Ben Johnson

5 Things to Look for When Choosing an MSP

A managed service provider (MSP) can provide significant value to your organization. An increasing number of businesses and organizations are turning to MSPs to address their IT needs, including: Security: The constant battle against cyber attacks, data protection and retention, disaster recovery and more involves constant oversight and research that most IT departments simply don’t […]
Aug 29th, 2019 | by Charles Goodsell

The Evolution of the Cloud

Market trends are changing, and the IT world is on the cusp of a big shift. We at Liberty have a mission to stay on the leading edge of all things IT, and it’s our job to make sure you stay right out front alongside us. With the newest consumption model taking form, we are […]
Aug 29th, 2019 | by Ben Johnson