Medusa Ransomware Hits Manens S.p.A. in Major Cyber Attack

Incident Date: Nov 17, 2024

Attack Overview
Victim: Manens S.p.A.
Industry: Education
Location: Italy
Attacker: Medusa
First Reported: November 17, 2024

Medusa Ransomware Group Targets Manens S.p.A. in a Significant Cyber Attack

On November 15, Manens S.p.A., a leading Italian engineering consulting firm, became the latest victim of a ransomware attack by the notorious Medusa group. This attack underscores the growing threat of ransomware to organizations in the engineering and consulting sectors.

About Manens S.p.A.

Manens S.p.A., also known as Manens-Tifs S.p.A., is a prominent player in the consulting engineering sector, particularly in sustainability and energy management. Established through the merger of Manens Intertecnica and TiFS Ingegneria, the company boasts over 50 years of experience. Headquartered in Padova, Italy, with additional offices in Verona and Riyadh, Saudi Arabia, Manens employs approximately 400 professionals. The firm is renowned for its expertise in MEP engineering, focusing on mechanical, electrical, and plumbing systems, and is committed to sustainability, promoting green building certifications like LEED® and BREEAM®.

Attack Overview

The Medusa ransomware group, known for its sophisticated encryption techniques and multi-extortion strategies, claimed responsibility for the attack on Manens S.p.A. The attack potentially compromised sensitive corporate data, although the exact size of the data leak remains undisclosed. Medusa's modus operandi typically involves exploiting vulnerabilities through phishing emails and compromised credentials, which may have been the entry point in this case.

Medusa Ransomware Group

Since its emergence in 2021, the Medusa ransomware group has distinguished itself through its rapid encryption capabilities and aggressive multi-extortion tactics. Operating under a Ransomware-as-a-Service model, Medusa targets a diverse range of organizations, including educational institutions and engineering firms. The group employs a hybrid encryption model using AES-256 and RSA-2048 algorithms, making data recovery without a decryption key nearly impossible. Medusa's attacks are geographically widespread, affecting organizations across Europe, North America, and beyond.

Potential Vulnerabilities

Manens S.p.A.'s focus on large-scale infrastructure projects and its extensive use of digital systems for project management and design may have made it an attractive target for cybercriminals. The company's commitment to innovation and sustainability, while a strength, also necessitates advanced cybersecurity measures to protect sensitive data and intellectual property from sophisticated threat actors like Medusa.
