Medusa hackers demand KSh 67m ransom after breaching Kenya Airports Authority (KAA) data
3 min read
Medusa hackers demand over KSh 67m ransom from Kenya Airports Authority (KAA) to Return Data
Medusa hackers demand over KSh 67m ransom from Kenya Airports Authority (KAA) to Return Data.
Kenya Airports Authority (KAA) has confirmed that it suffered a cyberattack from the notorious hacking group, Medusa according to NTV.
Medusa demanded KSh 67.6 million from KAA, which the authority has said it did not engage them since the breach was insignificant.
While KAA claims that no sensitive data was stolen, the attack resulted in the leakage of procurement plans, physical plans, site surveys, invoices, and receipts.
The hackers released 514 GB of data breached from the airport on Tuesday, April 18.
They claimed to have information on procurement plans, physical plans, site surveys, invoices, and receipts.
The leaked data has been posted on multiple websites and some Telegram Channels.
KAA disputed the claim saying the data accessed is public information and does not pose any danger.
“All the data that was accessed is public information. We didn’t know if they had made copies of what they claimed to have,” said an official from KAA, as quoted by NTV.
He said the hackers gained access using one of the KAA engineer’s Identity Card and passport.
Jubilee Insurance was also hacked by another group LockBit, doing away with 662 GB of the company data.
Showdown looms as Azimio vows to hold Murang’a meeting despite police canceling it
Constitutional expert weighs on Raila’s ICC case against IG Koome
Eliud Kipchoge explains why he lost Boston Marathon
Raila set for Mt Kenya tour ahead of weekly protests
The hackers gave the insurance firm until Friday, April 14, 2023, to pay the ransomware before they could return the data.
The incident underscores the growing threat of cybercrime in Kenya, with Communication Authority data indicating that the number of cyber threats more than doubled in the financial year 2021-2022.
Cyberattacks in Kenya CA data showed 359.2 million cyber threats, up 154.4 million were reported in the year 2020-21, representing a 133% growth.
How easily the attackers gained access to KAA’s network raises the question about how secure the network is.
Who is Medusa?
Medusa is a notorious hacking group that has been active since 2021.
The group uses a combination of AES and RSA encryption algorithms to lock up data, making it challenging to recover without paying a ransom.
Medusa has been linked to other high-profile cyberattacks, including an attack on Minneapolis Public Schools (MPS), a complex of public schools located in the Minneapolis School District.
The group went silent after a series of attacks, only to resurface in 2023.
Also read,
How Uhuru circumvented salary delays during his tenure
Blow to Raila as police cancel Azimio’s Mt Kenya public rally
Babu Owino has a case to answer in a gun drama involving Dj Evolve; court now rules
Follow us
