The FBI has issued a joint alert with the US Cybersecurity and Infrastructure Security Agency (CISA) about the Medusa ransomware gang, warning of its highly dangerous attacks on critical infrastructure sectors. The Medusa gang is known to use both social engineering and exploitation of unpatched software vulnerabilities in its attacks.
To mitigate these attacks, the FBI recommends enabling two-factor authentication for all webmail services such as Gmail and Outlook, as well as for VPNs. Additionally, organizations should require long passwords, retain multiple copies of sensitive data, keep operating systems up to date, and identify abnormal activity on their networks.
However, not everyone is happy with the advice given by the FBI and CISA regarding the Medusa ransomware group threat. Roger Grimes, a data-driven defence evangelist at KnowBe4, stated that the alert fails to suggest security awareness training as a primary way to defeat social engineering-based attacks, which are involved in 70% – 90% of all successful hacking attacks.
Experts emphasize that organizations need to take immediate action to protect themselves from Medusa ransomware attacks. The gang's strategies and tools are sophisticated and include base64-encoded commands run via PowerShell, as well as Mimikatz. It can terminate over 200 Windows services and processes, including security software.
Source: https://www.forbes.com/sites/daveywinder/2025/03/15/fbi-warning-enable-2fa-for-gmail-outlook-and-vpns-now