Rhysida claims the attack on the World Council of Churches

February 16, 2024
Rhysida Ransomware Cyberattack WCC World Council of Churches Europe

The notorious Rhysida cybercriminal group has claimed responsibility for the Christmas-season ransomware attack on the World Council of Churches (WCC). This religious organisation disclosed the ransomware incident on December 28.

The initial report of WCC has not revealed the true identity of the hackers. Still, on January 5, the Rhysida ransomware gang publicly announced its involvement, explicitly targeting the Lutheran World Federation, a member of the WCC.

 

The World Council of Churches stated that the Lutheran World Federation is addressing the alleged Rhysida ransomware attack.

 

The Lutheran World Federation stated they are battling a cyberattack, emphasising the interconnectedness of the ransomware attack on the World Council of Churches. They have yet to disclose the extent of the breach and the specific nature of the compromised data, leaving millions of Lutherans globally concerned about the security of their personal information.

This ransomware issue unfolded on December 26 when the threat actors contacted the WCC. The attackers allegedly demanded a ransom for the accessed information. WCC’s systems, including its website, experienced a disruption, resulting in a complete shutdown.

On the other hand, despite the setback, the WCC’s IT team tirelessly worked to restore their system’s functionality, implying that organisations should have robust security measures to counter evolving cyber threats.

Furthermore, the WCC General Secretary Reverent expressed their dismay at such an attack but underscored the organisation’s resilience, refusing to allow the actors to extort their victims. WCC also promptly contacted the Swiss law enforcement agencies to address the breach, highlighting the urgency and seriousness of the situation.

The Rhysida ransomware gang, notorious for its previous attacks on governments and major corporations, announced that it had stolen sensitive information from the Lutheran group. They set a ransom of 6 bitcoins, equivalent to approximately $280,000, and implemented a seven-day deadline before releasing the information publicly.

As investigations unfold, the incident is another example of the vulnerability of even the most esteemed institutions to the growing threat of cybercrime. These incidents should prompt all organisations to enhance their cybersecurity measures and collaborative efforts to combat such threats.

About the author