The FBI and CISA warn healthcare organizations about Medusa ransomware, which exploits unpatched software. Since 2021, it has affected over 300 victims in critical sectors. Medusa recruits affiliates through cybercriminal forums and uses phishing and legitimate tools for attacks. Agencies recommend updating software, network segmentation, and traffic filtering to mitigate vulnerabilities, especially in resource-limited rural hospitals.

Dispersed responsibility, lack of asset inventory is causing gaps in medical device cybersecurity
Witnesses at a House hearing on medical device cybersecurity highlighted the need for better tracking of devices and their vulnerability to cyber threats. They noted