Medusa Ransomware Targets Over 300 Critical Infrastructure Organizations

The Medusa ransomware has attacked more than 300 critical infrastructure sectors in the past month, including health, government, education, and technology, according to a recent report from the CISA. Medusa employs double extortion tactics, encrypting victims' files and threatening to disclose stolen data, as well as triple extortion, where victims are sometimes contacted by a second actor demanding additional payment. Medusa's activity has increased by 42% year over year, making this group one of the most aggressive.