Harry Perkins Institute and Medusa Ransomware Attack
ABC Radio Perth called me this morning to ask about a recent Harry Perkins Institute of Medical Research ransomware attack. The audio is now posted here and I am at position 1:35:20 onwards. A more specific bit has now been posted here by ABC. This post summarises the notes I took while preparing for the brief morning interview.

Medusa Group started in June 2021 and likely has Russian connections, as some of the scripts discovered had titles in Russian. Medusa should not be confused with the similarly named MedusaLocker (usually delivered via emails, so never click any links), which has been around since 2019 or so. There is a great Unit42 write-up about it that is worth a detailed read.

The group became famous in early 2023 when it attacked the Minneapolis School System and demanded a $1M ransom that was not paid, and thus the data was released to the public. Later, in November 2023, the group hacked Toyota Financial Services by exploiting a remote desktop Citrix node that was not kept up to dat