A new ransomware group called Akira has been making headlines, having breached over 250 organizations and making off with a staggering $42 million in ransom payments, according to alerts from top global cybersecurity agencies.
The United States Federal Bureau of Investigation (FBI) has been on the case, revealing that Akira has been targeting businesses and important infrastructure across North America, Europe, and Australia since March 2023. Initially focused on Windows systems, Akira has expanded its reach with a Linux variant.
The FBI, along with other key agencies like CISA, Europol’s EC3, and NCSC-NL, has issued a joint cybersecurity advisory to raise awareness about this threat.
According to the advisory, Akira gets into systems through vulnerable virtual private networks (VPNs) lacking multifactor authentication (MFA). Once inside, it steals credentials and sensitive data before locking up the system and demanding ransom. It’s a concerning situation, but with increased awareness, people can better protect themselves against Akira’s attacks.
The ransom note states, “Akira threat actors do not leave an initial ransom demand or payment instructions on compromised networks, and do not relay this information until contacted by the victim.”
Akira group demands payment in Bitcoin transferred to a crypto wallet address. They usually target organizations and lock them out of their systems until they pay up. To protect against these attacks, experts recommend having a plan to recover from such situations and using Multi-Factor Authentication (MFA) for added security.
It’s also important to filter network traffic, shut down any unused ports and hyperlinks, and encrypt data across the entire system.
The FBI, CISA, EC3, and NCSC-NL advise regularly testing your security setup to make sure it can handle the techniques hackers use. This testing should happen in a real-world setting to ensure it’s effective against the threats outlined in their advisory.
Also Read: Avraham Eisenberg Convicted in $110M Mango Markets Hack
