The Multi-State Information Sharing and Analysis Center (MS-ISAC), a WaterISAC partner, has published a security primer on the Ryuk ransomware, which it describes as “one of the most prevalent variants in the state, local, tribal, and territorial government threat landscape. This product provides an overview of Ryuk’s phases of operation and offers a list of recommendations for government entities to adhere to prevent and limit the impact of a potential Ryuk ransomware compromise.

Ryuk has been observed in ransomware attacks, both attempted and successful, against water and wastewater utilities. As WaterISAC has previously reported, in October 2018 the Onslow Water and Sewer Authority experienced a ransomware infection that left it with limited computer capabilities.