The Ryuk ransomware gang, active between 2018 and mid-2020, targeted organizations across various sectors, including healthcare during the Covid pandemic. The gang was responsible for numerous attacks, causing significant disruptions and financial losses. The recent extradition of a 33-year-old member of the Ryuk operation to the United States highlights the continued efforts to bring cybercriminals to justice. The gang's rebranding to Conti and subsequent splintering into smaller groups underscores the evolving threat landscape.
TPRM report: https://scoringcyber.rankiteo.com/company/world-health-organization
"id": "wor903061925",
"linkid": "world-health-organization",
"type": "Ransomware",
"date": "6/2025",
"severity": "100",
"impact": "",
"explanation": "Attack threatening the organization’s existence"{'affected_entities': [{'location': ['France',
'Norway',
'Germany',
'the Netherlands',
'Canada',
'USA']}],
'attack_vector': 'Initial Access',
'data_breach': {'data_exfiltration': True},
'date_publicly_disclosed': '2025-06-18',
'description': 'A member of the Ryuk ransomware operation, specializing in '
'gaining initial access to corporate networks, has been '
'extradited to the United States.',
'impact': {'financial_loss': '$150 million'},
'investigation_status': 'Ongoing',
'motivation': ['Financial Gain', 'Data Theft'],
'ransomware': {'data_encryption': True,
'data_exfiltration': True,
'ransom_paid': '$150 million',
'ransomware_strain': 'Ryuk'},
'references': [{'source': 'BleepingComputer'}],
'regulatory_compliance': {'legal_actions': True},
'response': {'law_enforcement_notified': True},
'threat_actor': 'Ryuk Ransomware Operation',
'title': 'Extradition of Ryuk Ransomware Operator',
'type': 'Ransomware'}