A government contractor known for their electronics work, EWA, became aware of a ransomware infection recently. The suspected attack took place last week and affected the company’s web servers. The company took the servers down soon after becoming aware of the incident, but evidence of encrypted files and ransom notes are still cached in Google search results. After analyzing encrypted files and reading the ransom note, the researcher who discovered them strongly believes Ryuk is the ransomware used in the attack. Four websites seem to have been affected, those include the sites for EWA Government Systems Inc., EWA Technologies Inc., Simplicikey, and Homeland Protection Institute. It is not yet known how much of the company’s internal network was affected and EWA has yet to make a public statement regarding the issue