More than 300 organizations in U.S. critical infrastructure industries were disclosed by the FBI, Cybersecurity and Infrastructure Security Agency (CISA), and the Multi-State Information Sharing and Analysis Center (MS-ISAC) to have been compromised by the Medusa Ransomware-as-a-Service operation as of February, BleepingComputer reports.
Attacks by Medusa — which emerged in January 2021, but only gained notoriety after breaching Minneapolis Public Schools over two years later — involved the enlistment of initial access brokers who are paid $100 to $1 million to facilitate initial network compromise, noted the agencies in a joint cybersecurity advisory.
U.S. organizations have been urged to defend themselves from Medusa ransomware attacks by ensuring up-to-date software, firmware, and systems, implementing network segmentation, and applying network traffic filters. This recent alert comes nearly a month after the FBI and CISA warned of Ghost ransomware intrusions that have targeted organizations in various sectors across more than 70 countries.
