Water For People, a prominent nonprofit, has become a target of the notorious Medusa ransomware group. This group, recognized for encrypting data and demanding ransoms, announced the cyberattack on Water For People by adding the organization to its victim list.
Additionally, the hacker group has stipulated a deadline of 9 days, 21 hours, 02 minutes, and 36 seconds for the organization to comply with their demands in the aftermath of the cyberattack.
Water For People, dedicated to promoting the development of high-quality drinking water and sanitation services, operates in nine countries, including Bolivia, Guatemala, Honduras, Peru, India, Malawi, Rwanda, Tanzania, and Uganda.
Cyberattack on Water For People: Demands and Deadline
The cybercriminals, in a post on a hacking forum, have laid out their demands: a ransom of US$10,000 within a day, US$300,000 to delete all the data, and an additional US$300,000 to download the data immediately.
As of now, the motive behind the cyberattack remains unknown. The official website of Water For People, however, appears to be functioning without any disruption, casting doubt on the authenticity of the hacker group’s claim.
To validate the seriousness of the situation, The Cyber Express Team attempted to reach out to the officials, but as of the writing of this report, no official response has been received, leaving the cyberattack on Water For People claim unverified.
Modus Operandi of Medusa Ransomware
Medusa ransomware, also known as MedusaLocker, surfaced in September 2019, primarily targeting Windows computers. Since its inception, the group has been responsible for attacks on various entities, including corporations, governmental bodies, and healthcare providers.
The modus operandi involves encrypting the victim’s data, denying access, and demanding a ransom for its release. Failure to comply results in the threat of exposing sensitive personal information.
This incident follows the infamous Medusa ransomware group’s recent breach of a Florida-based national specialty pharmacy chain, BioMatrix. The frequency and audacity of the attacks perpetrated by Medusa raise concerns about the vulnerabilities in cybersecurity measures across different sectors.
If the cyberattack on Water For People proves to be true, the implications could be severe. Beyond the immediate financial repercussions of the ransom, the potential exposure of sensitive data could compromise the organization’s integrity and trustworthiness.
Given the nonprofit’s commitment to providing essential services in multiple countries, the fallout could extend to operational disruptions, loss of donor confidence, and damage to the communities relying on Water For People’s support.
In the face of growing cyber threats, organizations worldwide are urged to enhance their cybersecurity measures to safeguard sensitive information and prevent falling prey to ransomware attacks.
Media Disclaimer: This report is based on internal and external research obtained through various means. The information provided is for reference purposes only, and users bear full responsibility for their reliance on it. The Cyber Express assumes no liability for the accuracy or consequences of using this information.