US Government Warns of Medusa Ransomware Targeting Critical Infrastructure

by Justin Erickson

The Cybersecurity and Infrastructure Security Agency (CISA), Federal Bureau of Investigation (FBI), and Multi-State Information Sharing and Analysis Center (MS-ISAC) have issued a joint warning about Medusa ransomware that has recently become a major threat. It started as a single group of threat actors but has since evolved into a ransomware-as-a-service (RaaS) operation. According to the advisory, over 300 organizations tied to critical infrastructure have been impacted, including “medical, education, legal, insurance, technology, and manufacturing.” After data has been stolen, victims are extorted into handing over their money or risk having their data uploaded to the dark web. Security experts recommend immediate measures to secure systems. These include keeping software up to date and applying security patches, implementing multi-factor authentication, watching for unusual activity, restricting the use of remote desktop protocols, and more.