California Rice Exchange, Inc. Hit by Rhysida Ransomware Attack

Incident Date: Jun 08, 2024

Attack Overview

VICTIM

California Rice Exchange, Inc.

INDUSTRY

Agriculture

LOCATION

USA

ATTACKER

Rhysida

FIRST REPORTED

June 8, 2024

Request Removal

Rhysida Ransomware Group Targets California Rice Exchange, Inc.

Overview of the California Rice Exchange, Inc.

The California Rice Exchange, Inc. (CRE) is a pivotal entity in the California rice industry, operating a cash market trading floor for paddy rice. Founded in 2014 and headquartered in Yuba City, California, CRE facilitates direct transactions between rice producers and buyers through an online platform. With an estimated annual revenue of $4.4 million and a workforce of around 11 employees, CRE stands out by providing an efficient alternative to traditional rice-marketing pools.

Details of the Ransomware Attack

Recently, the Rhysida ransomware group has claimed responsibility for a cyberattack on the California Rice Exchange, Inc. The attack has severely disrupted CRE's operations, with the group threatening to publish the exfiltrated data within seven days. This incident underscores the vulnerabilities faced by small to medium-sized enterprises in the agricultural sector, particularly those relying heavily on digital platforms for their operations.

Profile of the Rhysida Ransomware Group

First identified in May 2023, the Rhysida ransomware group has rapidly gained notoriety for targeting sectors such as education, healthcare, manufacturing, and government. The group employs a double extortion technique, encrypting data and threatening to release it unless a ransom is paid. Rhysida's ransomware is written in C++ and utilizes the ChaCha20 encryption algorithm. The group often gains initial access through phishing campaigns and leverages valid credentials to infiltrate networks.

Potential Vulnerabilities and Attack Vectors

Given CRE's reliance on an online trading platform, the organization is particularly susceptible to cyber threats. The Rhysida group likely exploited vulnerabilities in CRE's network security, possibly through phishing emails or compromised credentials. Once inside, the attackers used tools like PsExec for lateral movement and encrypted critical data, leaving a ransom note in the form of a PDF document.

Impact on the California Rice Exchange

Undoubtedly, the ransomware attack has had a significant impact on CRE, disrupting its ability to facilitate rice transactions and potentially compromising sensitive data. The threat of data publication adds an additional layer of pressure, as it could harm the organization's reputation and financial standing.

Sources

See Halcyon in action

Interested in getting a demo?
Fill out the form to meet with a Halcyon Anti-Ransomware Expert!

Let's get started

First Name

Last Name

Phone Number

Buying Timeframe

halcyon.ai is committed to protecting and respecting your privacy, and we’ll only use your personal information to administer your account and to provide the products and services you requested from us. From time to time, we would like to contact you about our products and services, as well as other content that may be of interest to you. If you consent to us contacting you for this purpose, please tick below to say how you would like us to contact you:

I agree to receive other communications from halcyon.ai and acknowledge Halcyon's privacy policy.

You may unsubscribe from these communications at any time. For more information on how to unsubscribe, our privacy practices, and how we are committed to protecting and respecting your privacy, please review our Privacy Policy.

By clicking submit below, you consent to allow halcyon.ai to store and process the personal information submitted above to provide you the content requested.

Back

Thank you! Your submission has been received!

Oops! Something went wrong while submitting the form.