Rhysida (hacker group)

Rhysida is a ransomware group that encrypts data on victims' computer systems and threatens to make it publicly available unless a ransom is paid.[1] The group uses its eponymous ransomware under a ransomware-as-a-service model, targets large organisations rather than making random attacks on individuals, and demands large sums of money to restore data.[2] The group perpetrated the notable 2023 British Library cyberattack[1] and the Insomniac Games data dump.[3] It has targeted many organisations, including some in the US healthcare sector, and the Chilean army.[4]

In November 2023, the US agencies Cybersecurity and Infrastructure Security Agency (CISA), FBI and MS-ISAC published an alert about the Rhysida ransomware and the actors behind it,[5] with information about the techniques the ransomware uses to infiltrate targets and its mode of operation.[6]

The group takes its name from Rhysida, a genus of centipedes, and uses a centipede logo.[4]

  1. Milmo, Dan (2023-11-24). "Rhysida, the new ransomware gang behind British Library cyber-attack". The Guardian. Retrieved 2023-12-23.
  2. Hollingworth, David (2023-12-19). "Snikt! Rhysida dumps more than a terabyte of Insomniac Games' internal data". www.cyberdaily.au. Retrieved 2023-12-23.
  3. Acres, Tom (2023-12-20). "Wolverine: What we know about the cyberattack that leaked one of PlayStation's most anticipated games". Sky News.
  4. Cluley, Graham (2023-08-10). "Rhysida ransomware – what you need to know". Tripwire.
  5. "CISA, FBI, and MS-ISAC Release Advisory on Rhysida Ransomware". Cybersecurity and Infrastructure Security Agency (CISA). 2023-11-15. Retrieved 2023-12-23.
  6. "#StopRansomware: Rhysida Ransomware". Cybersecurity and Infrastructure Security Agency (CISA). 2023-11-15. Alert Code AA23-319A. Retrieved 2023-12-23.