Medusa Ransomware Threatens Hundreds of Victims’ Data

Medusa, a ransomware-as-a-service (RaaS) variant, has held data for ransom from over 300 known victims in critical infrastructure sectors. The Cybersecurity and Infrastructure Security Agency (CISA), FBI, and Multi-State Information Sharing and Analysis Center (MS-ISAC) issued a warning on March 12.

Medusa uses common techniques like phishing and exploiting unpatched software vulnerabilities to attack organizations in the medical, education, legal, and other sectors. It has evolved from a closed variant to an affiliate model, but ransom negotiations are still centrally controlled.

To prevent attacks, the agencies advise enabling multifactor authentication for webmail services like Gmail and Microsoft Outlook, as well as for virtual private networks (VPNs). This adds a critical layer of security.

They also recommend:

– Checking operating systems and software for updates
– Storing sensitive information in secure locations, such as hard drives
– Segmenting networks and requiring VPNs for remote access

If you fall victim to an attack, the FBI, CISA, and MS-ISAC advise against paying the ransom, as payment doesn’t guarantee data recovery and may fund illicit activities. Instead, report the incident to the FBI or CISA.

Source: https://people.com/fbi-warns-about-data-stealing-scheme-asking-for-ransom-how-to-stay-protected-11697753