A concerning development in cyberspace has brought forth a new Internet ransomware known as ‘Akira,’ which poses a significant threat to individuals and organizations alike. Operating on both Windows and Linux-based systems, this malicious software infiltrates victims’ environments, exploiting vulnerabilities in VPN services lacking multi-factor authentication to gain unauthorized access.
Once inside, the attackers proceed to extract sensitive information from their victims, leaving them vulnerable and at their mercy. A two-pronged attack is then unleashed. Firstly, ‘Akira’ encrypts the victim’s files, rendering their own data and systems inaccessible. This step is a prelude to their coercive strategy – engaging in double extortion to compel the victims into paying a hefty ransom.
In a disturbing twist, if the victims refuse to comply with the ransom demands, the attackers resort to public shaming. The stolen data is brazenly published on the dark web, exposing the victim’s private information and causing potential reputational damage.
To mitigate the impact of such an infection, it is vital to maintain current offline backups of crucial data. Regularly updating operating systems and applications is also crucial to bolster defenses against vulnerabilities and potential cyber threats. Employing “virtual patching” can further safeguard legacy systems and networks, deterring cyber criminals from exploiting outdated software.
Strengthening user account security is paramount. Implementing robust password policies and enforcing multi-factor authentication (MFA) provide an additional layer of protection against unauthorized access.
Furthermore, it is essential to exercise caution and avoid installing updates or patches from unofficial sources. Such practices minimize the risk of introducing malware or other security breaches that cybercriminals may exploit.
In the Indian Internet domain, the Indian Computer Emergency Response Team, or ICERT, operates under the Ministry of Electronics and Information Technology of the Government of India. ICERT plays a vital role in addressing and countering cybersecurity threats, including hacking and phishing. Their efforts to enhance security measures contribute significantly to safeguarding against potential cyber attacks.
Director General of The Indian Computer Emergency Response Team (CERT-In): Sanjay Bahl.