Well, there’s a new player in town stirring up trouble in the cyber realm. Fancy a chat about them? Their name is Akira, and they’re not here for a friendly cuppa. This gang of ruffians has been causing havoc, specifically in the US health sector, in record time!
This Akira (no, not those cheeky chappies from 2017, they’re long gone, but a new brood) first popped up in May of 2023. Can you believe it? In less than twelve months, they’ve already chalked up at least 81 victims!
Now, word on the street is that these blokes might be tied up with the old Conti crew, you remember them, right? A cunning lot they were. While it’s not been confirmed officially, there are hints. How they go about their devious deeds, the specific files they target, even which encryption algorithms they use all have a touch of Conti about them. If there’s a shred of truth to this, we might be dealing with a sophisticated lot here.
So, how does Akira operate, you ask? Well, they’re into this thing called ransomware-as-a-service or RaaS for those in the know. They focus on their ransomware and buddy up with other digital villains to launch their attacks and divvy up the ill-gotten gains. And here’s the kicker – they’re into ‘double extortion’. Not content with pilfering your data and locking up your systems, they have the gall to charge you twice! First, to set your systems free, and second, to ensure your stolen data doesn’t end up splashed across the internet.
Speaking of the Internet, did you hear they’ve even set up their own little corner of the web to shame their victims publicly? Gruesome reality of the modern world! So far, they’ve been found messing around with both Windows and Linux infrastructure, working their way around the globe but with a soft spot for organizations in the US, though they’ve been known to target us Brits, as well as our pals in Canada, Australia and New Zealand.
Their targets seem rather indiscriminate, but in the US they’ve had a proper go at organizations in California, Texas, Illinois, and the East Coast, particularly the Northeast. It seems to be more about where their targets happen to be than a malicious preference for those states. As for industries, they’re rather promiscuous, but the health sector tops their hitlist, alongside materials, manufacturing, goods and services, construction, education, finance, and legal sectors.
Now don’t fret, there’s a method to their madness, and understanding their way of working can help us protect ourselves. Do you know what the MITRE ATT&CK framework is? Yes, the one that categorises the tactics and techniques used by cyber naughties. It appears the Akira chappies have been rather busy with quite a few of them.
Well, my friend, I know it sounds like a right old carry on, but remember knowledge is power. Let’s keep our eyes peeled and stay safe in the digital wild west!
by Parker Bytes