FBI Warning—Gmail, Outlook And VPN Users Need To Act Now

FBI Warning—Gmail, Outlook And VPN Users Need To Act Now

The Federal Bureau of Investigation (FBI) has issued a warning to Gmail, Outlook, and VPN users regarding the Medusa ransomware attacks. The warning advises users to enable two-factor authentication (2FA) for these services immediately, as ongoing attacks by the Medusa ransomware gang continue.

FBI And CISA Issue Medusa Ransomware Industry Joint Alert

Medusa, a highly dangerous ransomware-as-a-service provider, has been linked to at least 300 victims from the critical infrastructure sector since its campaign was first observed in June 2021. The FBI and U.S. Cybersecurity and Infrastructure Security Agency (CISA) have issued a joint alert warning of this threat.

Recommended Mitigations

The FBI recommends the following mitigations to prevent Medusa ransomware attacks:

  • Deploy software patches for vulnerable systems and applications.
  • Implement network segmentation to isolate sensitive areas of your network.
  • Block access to services from unknown or untrusted sources.
  • Avoid adopting an assumed breach position, as it can shift the focus from preventing breaches to detecting, responding, and recovering quickly.

Roger Grimes: The Warning Does Not Go Far Enough

Roger Grimes, a data-driven defense evangelist at KnowBe4, argues that the FBI's warning does not go far enough in addressing the social engineering aspect of ransomware attacks. Social engineering is involved in 70% - 90% of all successful hacking attacks, yet it is not mentioned in the recommended mitigations.

Don't Pay The Ransom

The FBI has previously warned that victims of ransomware should not pay the ransom demanded. In fact, a recent ransomware analysis from Semperis revealed that most ransomware attacks are not a one-time thing, with 75% of organizations being attacked multiple times in the past 12 months.

FBI Denver Field Office Warns Of More Ransomware Threats

The FBI Denver Field Office has issued a warning to all users of a newly discovered scam campaign that involves the use of free online document converter tools. These tools can actually lead to ransomware attacks, and users should only use reputable sites and services.