Singapore’s authorities have issued a joint advisory warning local businesses about the rising threat of the Akira ransomware variant. The advisory follows several complaints from victims of the ransomware, which has already stolen $42 million from over 250 organizations across North America, Europe, and Australia within a year.
Akira Ransomware Targets Singaporean Businesses
The Akira ransomware has been actively targeting businesses and critical infrastructure entities, according to investigations conducted by the United States Federal Bureau of Investigation (FBI). The ransomware’s message to victims demands payments in cryptocurrencies such as Bitcoin (BTC) to return control of their computer systems and internal data.
Authorities Advise Against Paying Ransom
The Singaporean authorities have advised businesses not to pay the ransom, as it does not guarantee the decryption of data or that the threat actors will not publish the stolen information. They have also asked businesses to report any incidents immediately to the authorities.
“If your organization’s systems have been compromised with ransomware, we do not recommend paying the ransom and advise you to report the incident immediately to the authorities. Paying the ransom does not guarantee that the data will be decrypted or that threat actors will not publish your data.”
Recommended Cybersecurity Practices
The authorities have provided the following recommendations to mitigate the threat of Akira ransomware attacks:
- Implement a comprehensive recovery plan
- Enable multifactor authentication
- Filter network traffic
- Disable unused ports and hyperlinks
- Employ system-wide encryption
Related Cybersecurity Threats
In a related development, Kaspersky recently found that North Korean hackers were targeting South Korean crypto businesses using the Durian malware. The malware boasts “comprehensive backdoor functionality, enabling the execution of delivered commands, additional file downloads, and exfiltration of files.”
The report also noted a “tenuous” connection between the Durian malware and the more notorious Lazarus Group, a North Korean hacking consortium.