Akira ransomware has been active since March 2023 and breaching corporate networks. The hackers use a VPN to launch an attack and target organizations that do not have two-factor authentication enabled. The hackers coerce victims into paying a ransom to regain control of their encrypted data. In cases where the victim refuses to comply, CERT-In has revealed that the attackers’ resort to further intimidation tactics. They follow through on their threats by publicly releasing stolen data on the dark web.
Cyber security consultant for the Ahmedabad crime branch Nisarg Shah says, “Be very careful while downloading files from unknown numbers on WhatsApp web, avoid using peer-to-peer (P) networks such as torrents to download pirated movies and be cautious while opening email attachments or downloading files from untrusted sources.”
He adds that the priority should be to update all software and operating systems with the latest patches and using updated antivirus software. Over the past two months, CERT-In has warned of two other ransomwares active across networks – Bl00dy ransomware, which was targeting the education sector in June and the Trigona ransomware in May.