The joint advisory from the FBI, CISA, Europol’s EC3, and NCSC-NL highlights the extensive impact of the Akira ransomware operation, which has targeted over 250 organizations worldwide and amassed approximately $42 million in ransom payments since its emergence in March 2023. This ransomware group gained notoriety for its attacks across various industry verticals, including critical infrastructure entities in North America, Europe, and Australia.
Notably, Akira developers developed a Linux encryptor by June 2023 to target VMware ESXi virtual machines commonly used in enterprise organizations, enhancing their capability to compromise victims’ networks. The ransom demands vary, ranging from $200,000 to millions of dollars, depending on the size and significance of the compromised organization, as revealed in negotiation chats obtained by BleepingComputer.
Recent victims of Akira ransomware include Nissan Oceania and Stanford University, illustrating the group’s persistent targeting of high-profile entities and its capability to cause significant data breaches. Furthermore, the advisory offers comprehensive guidance to organizations on mitigating the risks associated with Akira attacks, emphasizing the importance of patching vulnerabilities, enforcing multifactor authentication, and conducting regular software updates and vulnerability assessments.
