SEE AMAZON.COM DEALS FOR TODAY
Accident – Death – Obituary News : : 1. Akira ransomware threats
2. Joint cybersecurity advisory
The U.S. Cybersecurity and Infrastructure Security Agency (CISA), the FBI, Europol’s European Cybercrime Centre, and the Netherlands’ National Cyber Security Centre have published a joint cybersecurity advisory regarding the Akira ransomware, which has impacted businesses and critical infrastructure entities globally. The advisory details the tactics and procedures used by Akira threat actors, including initial access through VPN services and exploitation of known vulnerabilities. The ransomware encrypts files with extensions such as .akira and .powerranges, and threat actors use tools like Mimikatz for credential scraping. Organizations are advised to implement security measures to prevent ransomware attacks, such as network segmentation, multi-factor authentication, and regular software updates. The Just-in-Time (JIT) access method allows for privileged access only when necessary, aligning with the Zero Trust model. By automatically disabling admin accounts not in use at the Active Directory level, organizations can enhance security. Users can request access through an automated process for a specific timeframe to complete tasks. To prevent privilege escalation and lateral movement, organizations should disable command-line and scripting activities. Regular offline backups of encrypted, immutable data are crucial for continuity. In response to the Akira ransomware targeting the U.S. health sector, the Health Sector Cybersecurity Coordination Center issued an alert. The group has ties to the Conti ransomware gang and targets multiple countries.
You may also like to watch : Who Is Kamala Harris? Biography - Parents - Husband - Sister - Career - Indian - Jamaican Heritage
Looking for a reliable and experienced SEO agency to boost your online presence? Look no further than our team of experts. With years of experience in the industry, we specialize in driving organic traffic to your website, increasing your search engine rankings, and ultimately helping you reach your business goals. Our proven strategies and techniques are tailored to meet your specific needs, ensuring maximum results for your investment. Trust us to deliver measurable results and take your online visibility to the next level. Contact us today to learn more about how we can help you achieve your SEO goals.
The U.S. Cybersecurity and Infrastructure Security Agency (CISA), along with the Federal Bureau of Investigation (FBI), Europol’s European Cybercrime Centre (EC3), and the Netherlands’ National Cyber Security Centre (NCSC-NL) have issued a joint cybersecurity advisory regarding the Akira ransomware threat. This advisory comes in response to the increasing impact of Akira ransomware on businesses and critical infrastructure entities across North America, Europe, and Australia.
According to the advisory, Akira ransomware has been targeting a wide range of organizations since March 2023, with an estimated impact on over 250 organizations and claimed proceeds of approximately $42 million (USD) in ransom payments. The threat actors behind Akira ransomware have been observed using both Windows-specific and Linux variants to target systems, with a shift in tactics observed since April 2023.
The advisory highlights that Akira threat actors have been exploiting vulnerabilities in VPN services, such as known Cisco vulnerabilities CVE-2020-3259 and CVE-2023-20269, to gain initial access to organizations. Once inside a network, the threat actors attempt to establish persistence by creating new domain accounts and abusing domain controllers. They also leverage post-exploitation attack techniques, such as credential scraping and privilege escalation tools, to further infiltrate networks.
In addition, Akira threat actors have been observed using a double-extortion model, encrypting systems after exfiltrating data and demanding ransom payments in Bitcoin. To further pressure victimized organizations, the threat actors threaten to publish exfiltrated data on the Tor network.
You may also like to watch: Is US-NATO Prepared For A Potential Nuclear War With Russia - China And North Korea?
To mitigate the risk of Akira ransomware attacks, the advisory recommends organizations implement a series of cybersecurity measures. These include maintaining multiple copies of sensitive data in secure locations, enforcing multi-factor authentication for all accounts, keeping systems and software up to date, and segmenting networks to prevent the spread of ransomware.
Furthermore, organizations are advised to monitor network traffic for abnormal activity, implement endpoint detection and response tools, and regularly update antivirus software on all hosts. Access controls should be configured according to the principle of least privilege, and unused ports should be disabled to reduce the attack surface.
Overall, the advisory underscores the importance of proactive cybersecurity measures to defend against the evolving threat of Akira ransomware. By implementing the recommended mitigations and best practices, organizations can enhance their resilience against ransomware attacks and protect their critical assets and data from malicious actors.
Health Sector Cybersecurity Coordination Center Issues Warning on Akira Ransomware
In a recent development, the Health Sector Cybersecurity Coordination Center (HC3) in the U.S. Department of Health & Human Services (HHS) has issued a warning about the growing threat of the Akira ransomware. This relatively new ransomware gang has been actively targeting the U.S. health sector, posing a significant risk to organizations in the industry.
Aggressive Targeting of U.S. Health Sector
The HC3 analyst note highlighted that the Akira ransomware group has demonstrated aggressive and capable targeting of the U.S. health sector in its short lifespan. The group is known for its sophisticated tactics and has been linked to previous ransomware attacks in other countries, including the U.K., Canada, Australia, and New Zealand.
Potential Connections to Conti Ransomware Group
Research suggests that the Akira ransomware group may have connections to the now-defunct Conti ransomware gang, adding another layer of complexity to the threat landscape. This connection raises concerns about the potential for coordinated attacks and the sharing of tactics and techniques between the two groups.
Protecting Against Ransomware Attacks
Organizations in the health sector and beyond must take proactive steps to protect themselves against ransomware attacks. Implementing robust cybersecurity measures, such as regular backups, offline storage of data, and access controls, can help mitigate the risks posed by ransomware groups like Akira.
The Importance of Data Backups
Maintaining offline backups of data is crucial in ensuring that organizations can recover from a ransomware attack without losing critical information. By regularly backing up data and storing it securely, organizations can reduce the impact of an attack and minimize the chances of data loss.
Enforcing Access Controls
Implementing access controls, such as the Just-in-Time (JIT) access method, can help organizations limit privileged access and enforce the principle of least privilege. By setting network-wide policies to automatically disable admin accounts when not in use, organizations can reduce the risk of unauthorized access and potential data breaches.
Conclusion
As the threat of ransomware continues to evolve, organizations must remain vigilant and proactive in their cybersecurity efforts. By following best practices, such as maintaining offline backups, enforcing access controls, and staying informed about emerging threats like Akira ransomware, organizations can strengthen their defenses and protect against potential attacks.
