Ransomware Group

Rhysida

Status: active • First seen 2023-05100+ known victims

Rhysida attacks important institutions like hospitals and libraries. They caused chaos at the British Library by encrypting their systems and demanding millions.

Overview

Rhysida has targeted critical infrastructure including healthcare and government organizations. The group gained notoriety for attacking the British Library.

Target Industries

Healthcare, Government, Education, Critical Infrastructure

How They Attack

  • Phishing
  • Cobalt Strike
  • Double extortion
  • Critical infrastructure targeting

Notable Victims

British Library (2023), Prospect Medical Holdings (2023)

Is your business exposed?

How to Protect Against Rhysida

  1. 1.

    Deploy email security controls

  2. 2.

    Monitor for Cobalt Strike indicators

  3. 3.

    Implement critical infrastructure protection

MITRE ATT&CK Techniques

T1566, T1219, T1486, T1567

Related Groups

Vice Society

Is your business exposed?

Check if your company data is circulating on the dark web

Free scan • No credit card required

Privacy PolicyYour Privacy Choices