412/67 Wednesday, November 20, 2024
The Akira ransomware group has caused alarm once more. On November 13–14, their website, used to publish victim information, was updated to list over 30 new victims in a single day—a record high since the group began operations in March 2023. Akira targets victims indiscriminately across various countries and industries. The latest victims include 25 in the United States, 2 in Canada, and others from Uruguay, Denmark, Germany, the United Kingdom, Sweden, the Czech Republic, and Nigeria. The affected industries span finance, manufacturing, construction, retail, technology, education, and critical infrastructure. Notably, 10 of the most recent victims are from the financial sector.
Akira operates as a ransomware-as-a-service (RaaS), allowing affiliates to carry out attacks. Sensitive data is stolen before encryption, and if victims refuse to pay the ransom, the stolen data is published on their website. The website features five sections, including “Data Leaks” and “News.” Recent updates reveal that three victims have chosen not to pay the ransom, resulting in their data being publicly released. The unprecedented daily victim count suggests an escalation in the group’s operations, intensifying pressure on victims by publishing large amounts of data.
Cybersecurity researchers at Cyberint warn that Akira remains a significant threat within the ransomware landscape, targeting hundreds of victims globally. Their report highlights that Akira’s activity is expected to grow further, especially after breaking their own record this month. The number of attacks in 2024 is already on track to surpass those in all of 2023 within just a few months.
To counter Akira ransomware, organizations are urged to regularly back up critical data and store copies offline. Enhancing system security by updating software and employing solutions like firewalls and threat detection systems is essential. Employee training on phishing and malware prevention can also help mitigate risks. Robust preventive measures are critical to reducing the likelihood of falling victim to ransomware.
Source https://www.darkreading.com/cyberattacks-data-breaches/akira-ransomware-30-victims-single-day