The Federal Bureau of Investigation (FBI) and US Cybersecurity and Infrastructure Security Agency (CISA) are worried about the safety of Internet users. The two institutions recently shared an emergency message to all the owners of an email box, which certifies that an important cyber attack spreads on the internet.
Users of popular applications like Gmail or Outlook are not spared from this threat. All mailbox users are potentially in the viewfinder of a ransomiciel gang called “Medusa”. Identified for the first time by the FBI in 2021, the group of cybercriminals spares no sector: the medical, education, legal and even insurance have all been affected.
In order to ward off this growing threat, the FBI and the CISA have shared several recommendations, which we explain below.
If the FBI and the CISA endeavor to prevent Internet users, it is because Medusa would have already caused more than 300 victims around the world. The criminal group attracts its various prey to its net through phishing campaigns, that is to say a technique of stealing the personal information of a third party by usurping the identity of a trusted person (your bank, your business …).
“Medusa” would send, according to information from the FBI and CISA, emails in which links that could not be more doubtful. By falling into the trap of cybercriminals, users of Gmail, Outlook, or others see their devices “taken hostage”. A ransom will then be requested.
In order not to be the next victim of the attempts to bake “Medusa”, we imperatively recommend that you do not click on the slightest suspicious link, even if your recipient seems safe. The FBI and the CISA advise users of Gmail and Outlook to change password to replace them with other longer and difficult to decipher.
In order to protect your Gmail or Outlook box, also turn to double authentication. The FBI and the CISA also recommend checking if your system is still up to date. Filting network traffic by preventing unknown or unreliable sources from accessing your mailbox is also a good initiative. This prevents malicious actors from connecting to your account by excluding external traffic. Favor VPN and relay hosts for remote access to the network.
The FBI and the CISA assure that you should not pay a ransom if “Medusa” has managed to trap you: it is not certain that the group of cybercriminals holds its promises. If you keep sensitive data on Gmail or Outlook, take the time to save it and keep it on other supports.
