- Singapore warns businesses of Akira ransomware targeting over 250 organizations globally, now focusing on Singapore.
- Akira ransomware has extorted $42 million in ransoms in a year, shifting its attacks to Singaporean companies.
- Recommended defenses include multifactor authentication, network traffic filtering, and system-wide encryption.
Singaporean authorities have warned local businesses of the growing threat posed by the Akira ransomware, a variant known for targeting over 250 organizations across North America, Europe, and Australia. The ransomware group behind Akira has now set its sights on businesses in Singapore, as confirmed by the Cyber Security Agency of Singapore, the Singapore Police Force, and the Personal Data Protection Commission.
Akira’s Increasing Attack and Tactics
The Akira ransomware has made significant strides in its operations, amassing $42 million in ransoms within a year. Initially, it targeted organizations in North America, Europe, and Australia. However, it has recently begun focusing on Singaporean businesses. According to the FBI, which has been investigating Akira’s activities, the ransomware group has evolved its tactics to target both Windows and Linux systems through a “ransomware-as-a-service” (RaaS) model.
Authority’s Caution
The Singaporean advisory stresses the importance of not succumbing to ransom demands. The advisory stated,
“If your organization’s systems have been compromised with ransomware, we do not recommend paying the ransom and advise you to report the incident immediately to the authorities. Paying the ransom does not guarantee that the data will be decrypted or that threat actors will not publish your data.”
Authorities recommend several mitigation measures to protect against ransomware attacks. These include implementing a comprehensive recovery plan, enabling multifactor authentication, filtering network traffic, disabling unused ports, and encrypting sensitive data across the organization.
North Korea’s Durian Malware
Akira is not the only ransomware group posing a significant threat. Recent findings by cybersecurity firm Kaspersky have shown that North Korean hackers are targeting South Korean cryptocurrency businesses with malware known as Durian.
North Korean Hackers Deploy New Durian Malware Targeting Crypto FirmsSingapore’s Crypto Regulations
The Monetary Authority of Singapore (MAS) has implemented measures to enhance the transparency and security of cryptocurrency transactions. These regulations aim to prevent the misuse of cryptocurrencies for illicit activities, including ransomware payments. By enforcing strict know-your-customer (KYC) and anti-money laundering (AML) policies, Singapore seeks to mitigate the risk of its businesses becoming lucrative targets for ransomware groups like Akira.