CyberScoop reports that increasingly efficient techniques have significantly reduced the Akira ransomware operation's attack times.

Utilization of zero-day exploits and intermittent encryption has allowed Akira ransomware to achieve the entire attack kill chain from initial access to encryption within less than four hours, with certain intrusions having been completed without being detected within an hour, according to a Halcyon analysis. Akira has also prioritized ensuring the restoration of large files in the event of an interrupted encryption process, unlike other ransomware gangs that have mostly focused on encryption malware development.

"The group's ability to move from initial access to full encryption in under an hour, while maintaining recovery guarantees that incentivize victim payment, reflects a mature, business-driven criminal enterprise," said Halcyon.

Such findings come after Akira, which leverages a double-extortion model, was regarded by the FBI and the Cybersecurity and Infrastructure Security Agency as one of the most prolific ransomware gangs worldwide.