Akira Ransomware

NEWS: What is Akira, a ransomware CERT-In has flagged

• The Computer Emergency Response Team of India issued an alert for ransomware dubbed “Akira.” 
• The group behind the ransomware has already targeted multiple victims, mainly those located in the U.S., and has an active Akira ransomware leak site with information, including their most recent data leaks.

 What is a Ransomware?

• Ransomware is a malware designed to deny a user or organization access to files on their computer. 
• By encrypting these files and demanding a ransom payment for the decryption key, cyber attackers place organizations in a position where paying the ransom is the easiest and cheapest way to regain access to their files.

AKIRA

• The Akira ransomware is designed to encrypt data, create a ransomware note and delete Windows Shadow Volume copies on affected devices. 
• The ransomware gets its name due to its ability to modify filenames of all encrypted files by appending them with the “. Akira” extension. 
• The ransomware is designed to close processes or shut down Windows services that may keep it from encrypting files on the affected system.
• It uses VPN services, especially when users have not enabled two-factor authentication, to trick users into downloading malicious files.
• The ransomware is spread through spear phishing emails with malicious attachments, drive-by downloads, specially crafted web links in emails, and insecure Remote Desktop connections.
• It has targeted various domains, including education, finance, real estate, manufacturing, and consulting, and once inside a corporate network, it spreads laterally to other devices using stolen Windows domain admin credentials.

How to Protect Against AKIRA?

• Maintain up-to-date offline backups
• Keep operating systems and networks updated
• Implement strong password policies and multi-factor authentication
• Enforce data encryption
• Block attachment file types that are commonly associated with malicious code
• Regular security audits of critical systems

Practice Questions for Prelims

In terms of cyber security, what does the term “encryption” mean?
1. It is the practice of serving selected content to various user geographical locations.
2. It is a process of encoding messages or information in such a way that only authorised parties can read it.

Which of the statement(s) given above is/are correct?
a) Only 1
b) Only 2
c) All of the above
d) None of the above

Ans. b)

Mains Practice Question

What is a cyber threat? Discuss various challenges associated with cyber threats along with steps taken by the government to prevent it.

Chetan Bharat Learning is the best institute in Chandigarh for UPSC IAS ,PCS preparation. To know more about Chetan Bharat Learning’s Online & Classroom Courses, click on the following links: