- FBI, CISA and MS-ISAC publish a new report on Medusa ransomware
- They claim that the group hit hundreds of critical infrastructure companies
- Agencies share tips on how to stay safe
Hundreds of critical infrastructure targets have fallen victim to the Medusa ransomware in the last four years, a new report from the United States government warns, urging organizations to apply known mitigations and minimize the risk of an attack.
The Federal Bureau of Investigation, the US Cybersecurity and Infrastructure Security Agency.
“As of February 2025, Medusa developers and affiliates have affected more than 300 victims from a variety of critical infrastructure sectors with affected industries including medical, education, legal, insurance, technology and manufacturing,” says the report. “The FBI, the CISA and the MS-ISAC encourage organizations to implement the recommendations in the mitigation section of this notice to reduce the probability and impact of Medusa ransomware incidents.”
Mitigating risks
Recommendations include mitigating known vulnerabilities and ensuring that operating systems, software and firmware are patched in a timely manner, segmenting networks to hinder lateral movement attempts, and filtering network traffic by blocking access from untrusted origins.
Medusa first emerged in 2021, but since it was originally intended to be a closed ransomware variant, its success was somewhat limited. A few years later, the operation became a ransomware-as-a-service (RaaS) with an affiliate model, which turned it into one of the most dangerous variants in existence.
“Medusa developers generally recruit initial access brokers (IABs) in forums and cybercriminal markets to obtain initial access to potential victims,” says the report. “Potential payments between $100 USD and $1 million USD are offered to these affiliates with the opportunity to work exclusively for Medusa.”
Some of the most notable victims include the Minneapolis Public School District, which suffered a significant breach that resulted in the exposure of confidential information, such as psychological reports and abuse allegations. Other affected sectors include the health, manufacturing, technology, legal, insurance and education industries.
Via BleepingComputer