Rhysida Ransomware Attacks Seven Seas Technology

Company Overview

Rhysida, a new ransomware-as-a-service (RaaS) group, has claimed responsibility for an attack on Seven Seas Technology (SSTech), a leading system integrator and ICT solution provider in the UAE. The attack was announced on the group's dark web leak site, which also revealed that SSTech operates in the Software sector.

Seven Seas Technology is a well-established company with over 40 years of experience in the IT industry. They have a team of over 300 ICT trained and certified professionals, and they cater to over 1000 companies. SSTech is known for its collaborative, multi-cloud strategy and its focus on customer satisfaction. They offer a range of services, including Enterprise Systems, Cloud Offerings, Data Networking & Information Security, Unified Communication, Microsoft Licensing & Solutions, Value Added Services, BCP & DR, Data Centers, Cabling, Audio Visual, Access Control, CCTV, and Outsourcing Services.

Vulnerabilities and Targeting

The ransonware group Rhysida primarily targets the education, government, manufacturing, and technology and managed service provider sectors, but they have also been observed attacking the Healthcare and Public Health (HPH) sector. The group uses phishing attacks and Cobalt Strike to breach targets' networks and deploy their payloads.

The attack on Seven Seas Technology highlights the need for organizations to be vigilant against ransomware attacks, particularly those that exploit vulnerabilities in cloud services and hybrid IT environments.

Sources

• Seven Seas Technology - Homepage
• U.S. Department of Health and Human Services Health Sector Cybersecurity Coordination Center (HC3) - Rhysida Ransomware Sector Alert