• Home
  • News
  • Rhysida Ransomware Hackers Cripple Canada's MYC Media

Rhysida Ransomware Hackers Cripple Canada’s MYC Media

Bogdan Pătru

By Bogdan Pătru . 8 July 2024

Tech Writer

Miklos Zoltan

Fact-Checked this

Rhysida ransomware announced that they’ve breached Canada-based MYC Media. There are no clear details about the attack, aside from the victim’s profile and the deadline for completing the negotiations: 7 days.

  • After the 7-day period has passed, the hackers will leak the stolen data publicly, usually on the Dark Web
  • Rhysida is a relatively new ransomware organization, being observed publicly for the first time in May 2023
  • The gang operates as a RaaS (Ransomware-as-a-Service), relying on affiliates to conduct most of its operations
  • MYC Media hasn’t commented on the attack, so it’s unclear how they’ve decided to act on it

Ransomware attacks are extremely damaging to a company’s finances, reputation, and overall structure. In many cases, the victim is forced by the circumstances to pay the ransom, despite not wanting to.

Several reasons can account for that, including the sensitivity of the stolen data or not being able to remove the encryption safely. This explains why the ransomware sphere appears to be on an upward trend, with more attacks hitting the public scene regularly.

X showing the Rhysida ransomware attack on MYC Media

Despite being relatively new, Rhysida is already making waves on a global scale. The gang relies on the tried-and-tested double-extortion tactic. This implies forcing the victim to pay to get the decryption key and prevent their data from leaking publicly.

The pressure can often force the victims to comply, despite their better judgment. This is especially the case with medium-to-large companies that are in possession of a lot of sensitive data. This explains why the ransomware business remains so profitable today.

You’ve Been Breached by Rhysida – Now What?

If you’ve never experienced a ransomware breach, you may be confused about how exactly to proceed. The standard answer is: don’t pay the ransom. Don’t even negotiate with the hackers. Simply take the hit, find ways to decrypt your own files (with professional help), and call it a day.

Paying the ransom isn’t likely to produce anything positive. In most cases, the hackers won’t even delete the stolen data, despite promising that they will. And you have no way of verifying that. Which will naturally create trust problems.

Plus, paying the ransom will typically have the opposite effect. Instead of fixing your problems, it will more likely create new ones. One such issue comes from the hackers placing you on their “to revisit” list. And it makes sense.

You’ve already proven to be willing to pay the ransom. Maybe you’ll do the same in the future. To summarize, most cybersecurity experts advise against paying the ransom for all the reasons that we’ve already mentioned.

That being said, some situations require you to pay. This is for a variety of reasons, including the legal implications of the data breaches, the impossibility of removing the encryption, and the sensitivity of the leaked data.

Even if the hacker won’t delete the data, at least you get to recover it. Ultimately, it all comes down to your specific situation and whatever you decide to do.

Just keep in mind that ransomware organizations require payments to survive. If nobody would pay any ransom, they would cease to exist.

Our Mission

We believe security online security matters and its our mission to make it a safer place.

Leave a Comment