Ransomware cyber

ADSP Mar Tirreno Settentrionale

Mar 4, 2024 1 min read
ADSP Mar Tirreno Settentrionale

In March 2024, the Medusa ransomware group launched a targeted attack on ADSP Mar Tirreno Settentrionale, the port authority overseeing the Northern Tyrrhenian Sea in Italy. The cybercriminals successfully infiltrated the organization’s systems, exfiltrating and subsequently leaking sensitive internal documents and financial records. Medusa, known for deploying malicious email attachments and torrent-based infiltration techniques, continued its broader campaign against public sector entities. The attack disrupted operational integrity, exposed confidential administrative and financial data, and placed the authority under coercive pressure by demanding a substantial ransom in exchange for the stolen information. The breach not only compromised the port authority’s internal workflows but also raised concerns over the security of critical maritime infrastructure, potentially affecting trade, logistics, and regulatory compliance in the region. The incident underscores the growing threat of ransomware groups targeting government-linked organizations to exploit vulnerabilities for financial gain and data leverage.

Source: https://www.halcyon.ai/attacks/medusa-attacks-adsp-mar-tirreno-settentrionale

TPRM report: https://www.rankiteo.com/company/adsp-mts

"id": "ads445092125",
"linkid": "adsp-mts",
"type": "Ransomware",
"date": "3/2024",
"severity": "100",
"impact": "6",
"explanation": "Attack threatening the economy of geographical region"
{'affected_entities': [{'industry': 'transportation (port authority)',
                        'location': 'Italy (Northern Tyrrhenian Sea region)',
                        'name': 'ADSP Mar Tirreno Settentrionale',
                        'type': 'government agency'}],
 'attack_vector': ['malicious email attachments', 'torrents'],
 'data_breach': {'data_exfiltration': True,
                 'sensitivity_of_data': 'high',
                 'type_of_data_compromised': ['internal documents',
                                              'financial records']},
 'date_detected': 'March 2024',
 'date_publicly_disclosed': 'March 2024',
 'description': 'The Medusa ransomware group attacked ADSP Mar Tirreno '
                'Settentrionale, the port authority for the Northern '
                'Tyrrhenian Sea in Italy, in March 2024. They leaked sensitive '
                'data such as internal documents and financial records. '
                'Medusa, known for its use of malicious email attachments and '
                'torrents to infiltrate systems, continued its campaign of '
                'targeting public sector organizations, demanding substantial '
                'ransoms for the safe return of stolen data.',
 'impact': {'brand_reputation_impact': 'high (public sector breach, sensitive '
                                       'data leaked)',
            'data_compromised': ['internal documents', 'financial records']},
 'initial_access_broker': {'entry_point': ['malicious email attachments',
                                           'torrents'],
                           'high_value_targets': ['internal documents',
                                                  'financial records']},
 'motivation': 'financial gain (ransom demand)',
 'ransomware': {'data_exfiltration': True,
                'ransom_demanded': 'substantial (unspecified amount)',
                'ransomware_strain': 'Medusa'},
 'threat_actor': 'Medusa ransomware group',
 'title': 'Medusa Ransomware Attack on ADSP Mar Tirreno Settentrionale '
          '(Northern Tyrrhenian Sea Port Authority)',
 'type': ['ransomware', 'data breach']}
Published by
Jeremy C
Jeremy C
You might also like
Great! Next, complete checkout for full access to Rankiteo Blog.
Welcome back! You've successfully signed in.
You've successfully subscribed to Rankiteo Blog.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info has been updated.
Your billing was not updated.