CERT-In cautions against ransomware ‘Akira’ attack
CERT-In cautions against ransomware ‘Akira’ attack: A new Internet ransomware virus called ‘Akira’ has surfaced in cyberspace, designed to steal crucial personal information and encrypt data, thereby coercing individuals into paying ransom money.
Daily Current Affairs Quiz: July 2023
Akira Ransomware: Operating Mechanism and Double Extortion Tactics
- This ransomware targets both Windows and Linux-based systems. Initially, the organisation acquires unauthorised access to victims’ environments, mainly via VPN providers that do not support multi-factor authentication. Once inside, they proceed to steal sensitive information from the victims.
- After extracting the data, the ransomware executes a two-pronged attack. Firstly, it encrypts the victim’s files, effectively blocking their access to their own data and system. To coerce the victim into paying the ransom, the attackers engage in double extortion tactics.
- If the victim refuses to comply with the ransom demands, the attackers resort to public shaming. They publish the stolen data on their dark web blog, exposing the victim’s private information.
Prevention measures against ‘Akira’ Ransomware
Keep current offline backups of critical data to avoid data loss in the case of an infection. Consistently update operating systems and applications to fortify defenses against vulnerabilities and potential cyber threats. Consider employing “virtual patching” to safeguard legacy systems and networks, deterring cyber criminals from exploiting outdated software.
Implement robust password policies and enforce multi-factor authentication (MFA) to bolster the security of user accounts. Avoid installing updates or patches from unofficial sources to minimize the risk of introducing malware or other security breaches.
About Computer Emergency Response Team
The Indian Computer Emergency Response Team, or ICERT, is an institution of the Government of India’s Ministry of Electronics and Information Technology. Its primary responsibility is to address and tackle cyber security threats such as hacking and phishing. By enhancing the security measures within the Indian Internet domain, ICERT plays a crucial role in safeguarding against potential attacks.
Key takeaways for competitive examinations
- Director General of The Indian Computer Emergency Response Team(CERT-In): Sanjay Bahl