FBI Warns of Medusa Ransomware: Gmail and Outlook Users at Risk
The Federal of Bureau of Investigation has just issued a warning about Medusa, a “ransomware-as-a-service” which targets important data. In a recent joint advisory by the FBI, Cybersecurity and Infrastructure…
The Federal of Bureau of Investigation has just issued a warning about Medusa, a “ransomware-as-a-service" which targets important data. In a recent joint advisory by the FBI, Cybersecurity and Infrastructure Security Agency (CISA), and the Multi-State Information Sharing and Analysis Center (MS-ISAC), the public is warned of ransomware attacks where perpetrators “employ a double extortion model, where they encrypt victim data and threaten to publicly release exfiltrated data if a ransom is not paid.”
Let’s break down the details, what Medusa ransomware actually is, and what you can do to protect yourself before it’s too late.
What is Medusa?
Cybercriminals use ransomware to break into a target's accounts to gain access to the target’s data. They use phishing methods or “exploitation of unpatched software vulnerabilities,” per the advisory. Once the data is compromised, the cybercriminals will contact the victim and demand a ransom to get their data back and prevent it from being released. If the victim did not make contact after 48 hours, the cybercriminals will contact them by phone or email.
How Does Medusa Ransomware Target Gmail and Outlook Users?
Medusa exploits vulnerabilities in the way we access and receive emails. Per the New York Post, email users need to be wary when clicking on links or downloading attachments. Checking the email address for its legitimacy is not as helpful as it once was since these addresses can now be easily manipulated to look legit, even if they are not.
Ryan Kalember, the chief strategy officer at cybersecurity firm Proofpoint, told the Washington Post that if we accidentally click on the link, we should not just forget about it. If this happens with a work email, you must immediately inform a company’s IT team about it to prevent an attack. He noted, “When you fall for something, the attacker still has some window of time where they have to figure out what they’ve just got and whether it’s even worth taking advantage of.”
The post also encouraged email users to activate two-factor authentication and to keep software updated to avoid being vulnerable to cyber-attacks. Peter Quach, client relations director at security firm Polito, warned of phishing emails that are “most likely to get clicks,” such as an email from HR about “Companywide salaries,” fake gift cards, and links to DocuSign.
