By Shubhangi M 
- URGENT ALERT: FBI and CISA issue critical warning for Gmail and Outlook users regarding sophisticated Medusa ransomware attacks
- Widespread Impact: Over 300 organizations victimized as of February 2025 across medical, education, and technology sectors
- Immediate Action Required: FBI mandates enabling two-factor authentication (2FA) for all webmail and VPN services
- Double Extortion Method: Attackers encrypt data and threaten public release unless ransom paid
- Target Scope: Critical infrastructure sectors heavily impacted, including healthcare and manufacturing
- Enable multi-factor authentication immediately
- Use unique, complex passwords
- Keep all software and systems updated
- Monitor account activity regularly
- Attack Vector: Sophisticated phishing campaigns targeting email users
- Timeline: Medusa ransomware active since 2021
- Methodology: Exploits unpatched software vulnerabilities
- AI Enhancement: Increasingly sophisticated AI-based attacks reported
- Account Security
- Enable 2FA on all email accounts
- Update recovery information
- Review recent account activity
- Change passwords if necessary
- System Protection
- Update all operating systems
- Install latest security patches
- Review email security settings
- Monitor for suspicious activities
- Implement email filtering
- Use secure VPN connections
- Enable spam protection
- Regular security audits
- Add backup email addresses
- Update phone numbers for recovery
- Enable account notifications
- Document security settings
Bhushan M