If you’re an Outlook or Gmail user, you’ll want to be aware of this ransomware warning just issued by the FBI

A new ransomware targeting Gmail, Outlook and other popular email providers has made enough waves for the FBI to issue a warning about it. In addition to targeting these email providers bad actors have narrowed their search to those in specific fields like medical and tech.

The ransomware is called “Medusa” and it first came on the scene in 2021, emerging as part of a new group of ransomware found under the “Ransomware-as-a-Service (RaaS) umbrella. This means the hacker are not necessarily the creator of the ransomware but are instead utilizing scripting created by others as a means to profit from ransoms paid in lieu of getting your data back.

The creators of Medusa have been linked back to a group called Spearwing, which are particularly ruthless in that they try to extort victims twice. First, they steal your data and extort payment to not expose it and they also encrypt it and will not provide victims with a method to decrypt it until they receive a second payment. Spearwings ransom demands have ranged from $100,000 all the way up to $15 million.

There hasn’t been a definitive answer as to how the latest breaches were conducted, so it’s uncertain at this time whether the attacks were accomplished due to user error or through another method of breach. As such the FBI and CISA have recommendations as to how users can protect themselves from the Medusa ransomware that include:

1. Mitigate known vulnerabilities by ensuring operating systems, software, and firmware are patched and up to date within a risk-informed span of time.
2. Segment networks to restrict lateral movement from initial infected devices and other devices in the same organization.
3. Filter network traffic by preventing unknown or untrusted origins from accessing remote services on internal systems.

Proactive services (including cyber security) are a keystone offering for Valley Techlogic. With ransomware threats becoming more sophisticated and lucrative year over year, you need a team behind you to protect against outside threats. Below are five ways Valley Techlogic approaches cybersecurity protection for our clients:

1. 24/7 Threat Monitoring & Incident Response - We provide continuous monitoring of networks, endpoints, and cloud environments to detect and respond to threats in real time.
2. Advanced Endpoint Protection (EPP) & Endpoint Detection and Response (EDR) – We deploy antivirus, anti-malware, and behavioral analytics tools on all endpoints and use EDR solutions to detect, analyze, and remediate suspicious activities on client devices.
3. Security Awareness Training & Phishing Simulations – Our security awareness training educates employees on cybersecurity best practices and how to recognize social engineering attacks. We also run weekly phishing simulations to assess and improve employee readiness against cyber threats.
4. Regular Security Audits & Compliance Management – We can conduct penetration testing, vulnerability assessments, and risk audits to identify security gaps at the client’s request. We also offer specialized support for compliance with industry regulations like GDPR, HIPAA, NIST, or CMMC to avoid penalties and data breaches.
5. Consistent and Layered Approach to Backups – Our backup program TechVault is our multifaceted approach to backups, which includes separate backups for Microsoft (including Outlook), daily backups for servers, and an immutable copy that is write once read only. This approach gives us a wider array of options should a breach or data loss event occur.

Interested in learning more? Schedule a consultation with us today.

Looking for more to read? We suggest these other articles from our site.

This article was powered by Valley Techlogic, leading provider of trouble free IT services for businesses in California including Merced, Fresno, Stockton & More. You can find more information at https://www.valleytechlogic.com/ or on Facebook at https://www.facebook.com/valleytechlogic/ . Follow us on X at https://x.com/valleytechlogic and LinkedIn at https://www.linkedin.com/company/valley-techlogic-inc/.