Akira is a new family of ransomware that emerged in March 2023 and has been targeting a variety of organisations, including those in the finance, real estate, manufacturing sectors, and even a children’s daycare centre. The ransomware is notable for its curious data leak site, which has a retro 1980s green-on-black theme and invites visitors to type in commands rather than navigate through a menu. The ransomware exfiltrates data from hacked corporate networks before triggering its encryption routine, and then demands a ransom ranging from $200,000 to millions of dollars for its return. If organisations refuse to pay, the attackers threaten to sell their personal information, trade secrets, databases, and source codes to multiple threat actors.
To protect against Akira and other ransomware, organisations should make secure offsite backups, run up-to-date security solutions and ensure that their computers are protected with the latest security patches against vulnerabilities, restrict an attacker’s ability to spread laterally through their organisation via network segmentation, use hard-to-crack unique passwords and enable multi-factor authentication, encrypt sensitive data wherever possible, reduce the attack surface by disabling functionality that the company does not need, and educate and inform staff about the risks and methods used by cybercriminals to launch attacks and steal data.
