The National Securities Commission was attacked by a group of cybercriminals. More than 1.5 terabytes of documents and databases were compromised, demanding USD500,000 from the CVN not to disclose them. Although the group known as “Medusa” gave a period of one week to receive payment and not leak data, the agency managed to control the attack.
Operation Medusa has been in existence since 2021, and only took off forces in 2023, targeting corporate victims around the world, and demanding millions of dollars in ransoms. For those who do not pay the requested monetary amount, the gang uses a special blog to filter the stolen data.
This attack is known as ransomware, a type of malicious software that enters a company’s computer system to block and steal its data. In this way, the victims of this attack cannot access their own information. Then, the cyber criminals who take control of the data hostage, ask for ransom money to return the information.
This criminal methodology requires, for its development, a complex organization, and it is an industry that generates a lot of money. Furthermore, it is impossible for victims to know if by paying the full ransom, the stolen information would be completely deleted.