AN urgent alert has been issued to Irish Gmail and Outlook users over a major cyberattack threat.
Some users have been extorted for a hefty ransom by hackers.
Gmail and Outlook users are being told to be wary of a program known as Medusa ransomware as it may take sensitive information pertaining to you or others.
The cyberattack has already taken data from over 300 victims, most of whom are part of “critical infrastructure sectors.”
This includes those associated with hospitals, schools, and large businesses – with the cyberattack using phishing scams to get large sums of money.
The FBI and US Cybersecurity and Infrastructure Security Agency have since released a statement to explain how the scam works and what you can do to protect yourself.
Medusa deceives people by using fraudulent emails or websites that grant access to sensitive information.
Once hackers gain entry, they lock up all crucial files and create duplicates, which they threaten to release unless paid.
The FBI said: “Medusa originally operated as a closed ransomware variant; all development and associated operations were controlled by the same group of cyber threat actors.
“While Medusa has since progressed to using an affiliate model, important operations such as ransom negotiations are still centrally controlled by the developers.
“Both Medusa developers and affiliates—referred to as “Medusa actors” in this advisory — employ a double extortion model, where they encrypt victim data and threaten to publicly release exfiltrated data if a ransom is not paid.”
Reportedly, some cybercriminals are demanding ransoms ranging from €100,000 to €5million.
To protect yourself from Medusa, Gmail users are advised to implement two-factor authentication immediately.
How to protect yourself
This adds an extra layer of security by requiring a verification code sent via text message before accessing your inbox.
And both businesses and individuals should ensure their operating systems have the latest security updates.
Users should also maintain an active spam filter to prevent phishing emails from reaching their inbox.
Along with these precautions, the FBI advises removing sensitive photographs from your Gmail and opting for physical copies of important documents.
What’s more, it is crucial to delete any suspicious emails containing redirect links, as clicking on these could grant hackers access to your computer.
How to protect your business
For businesses, the FBI and CISA have issued a three-point plan to protect against Medusa ransomware.
The first step is to mitigate known vulnerabilities by ensuring that operating systems, software, and firmware are patched and up to date.
Up next, businesses should segment networks to limit the spread of computer viruses within the organisation.
Finally, they should filter network traffic to prevent unknown or untrusted sources from accessing their services on internal systems.
