Russian-based MedusaLocker ransomware group is upping its tactics and the HHS is warning healthcare organizations to "holistically require" multiple levels of access and authentication controls to defend against this group.
Here are four things to know about MedusaLocker, according to a Feb. 24 breach notification from the HHS:
- MedusaLocker was detected in September 2019.
- The group has targeted encrypted servers from multiple sectors, but is known for targeting healthcare organizations.
- MedusaLockers operates as a ransomware-as-a-service group.
- MedusaLocker is using a campaign that is known to target software vulnerabilities for unsecured remote desktop protocol servers and desktops.