CERT-In, the government's technology arm responsible for guarding against cyberattacks, has issued a vital advisory cautioning against a new ransomware named "Akira."
Akira is a malicious software which is designed to infiltrate Windows and Linux-based systems, compromising sensitive information and encrypting data, leading to potential extortion.
The advisory highlighted the sophisticated tactics employed by the "Akira" ransomware. The attackers behind this insidious malware first stealthily pilfer crucial information from the victim's system. Once this is accomplished, the ransomware encrypts the data, rendering it inaccessible to the user. In a sinister move, the hackers then conduct a double extortion scheme, coercing the victim into paying a ransom amount to regain control of their encrypted data.
In cases where the victim refuses to comply with the hackers' demands, CERT-In revealed that the attackers resort to further intimidation tactics. They make good on their threats by publicly releasing the stolen data on the dark web, potentially causing significant reputational damage and exposing sensitive information.
To safeguard against this burgeoning threat, CERT-In strongly recommended that internet users adopt basic online hygiene and protection protocols. These measures include keeping all software and operating systems up-to-date with the latest security patches, regularly scanning systems for malware, and exercising caution while opening email attachments or downloading files from untrusted sources.
In addition to these preventive measures, the cyberrsecurity arm advised users to maintain offline backups of critical data and ensure they are consistently updated. By doing so, individuals and organisations can protect themselves from data loss in the event of a ransomware attack.
Furthermore, CERT-In emphasised the importance of implementing a robust password policy. Users were encouraged to employ strong and unique passwords for all their online accounts, making it harder for cybercriminals to gain unauthorised access.