CISA, Partners Collaborate to Combat Akira Ransomware With New Advisory

The Cybersecurity and Infrastructure Security Agency, along with the Federal Bureau of Investigation and international cybersecurity agencies, have issued a joint cybersecurity advisory to address the growing threat of the Akira ransomware.

The advisory, released in collaboration with Europol’s European Cybercrime Centre and the Netherlands’ National Cyber Security Centre, details the evolving tactics, techniques and procedures employed by Akira ransomware actors, CISA said.

The guidance also highlights Akira threat actors’ shift from targeting Windows systems to deploying Linux variants that specifically target VMware ESXi virtual machines.

The CSA also provides indicators of compromise to assist organizations in identifying potential Akira ransomware infections, which have already impacted crucial entities in North America, Europe and Australia, and claimed millions of dollars in ransom.

CISA urged critical infrastructure stakeholders to take action and review the advisory, as well as resources on CISA’s #StopRansomware webpage for mitigation strategies, to defend themselves against Akira ransomware attacks and similar threats.