CERT-In issues alert on 'Akira' ransomware

Tags: Science and Technology

CERT-In issues alert on 'Akira' ransomwareCERT-In (Indian Computer Emergency Response Team), issued a warning about a new Internet ransomware named 'Akira'.

An Overview of the News

  • Ransomware is designed to steal sensitive personal information and encrypt the data, forcing victims to pay a ransom.

  • The 'Akira' ransomware targets both Windows and Linux-based systems, gaining unauthorised access to victims' environments, especially those VPN services that lack multi-factor authentication. Once inside, attackers steal sensitive data from victims.

  • After stealing data, ransomware launches a two-pronged attack. First, it encrypts the victim's files, effectively blocking their access to their own data and systems. To pressure the victim into paying the ransom, attackers use a dual extortion tactic.

  • If the victim refuses to meet the ransom demand, the attackers resort to public shaming. They publish the stolen data on their dark web blogs, thereby exposing the victim's personal information.

Steps to protect against 'Akira' ransomware:

  • Maintain up-to-date offline backups of important data to minimise potential data loss in the event of an infection.

  • Regularly update the operating system and applications to strengthen protection against vulnerabilities and potential cyber threats. Consider using "virtual patching" to protect legacy systems and networks, making it harder for cybercriminals to exploit legacy software.

  • Enforce strong password policies and implement multi-factor authentication (MFA) to enhance the security of user accounts.

  • Avoid installing updates or patches from unofficial sources to reduce the risk of malware or other security breaches. Stay connected to official and reliable sources for updates.

Indian Computer Emergency Response Team (ICERT)

  • It functions as a division within the Ministry of Electronics and Information Technology under the Government of India.

  • ICERT is primarily tasked with dealing with and combating various cyber security threats including hacking and phishing.

  • Director General - Sanjay Behl

Please Rate this article, so that we can improve the quality for you -