CISA Advisory

Akira Ransomware Threat Assessment

AA24-109A • Published April 18, 2024

Severity: critical

Akira ransomware has attacked over 250 companies and stolen $42 million. They usually get in through VPN systems that do not have two-factor authentication. If your VPN only requires a password, you are at high risk.

Overview

Joint advisory on Akira ransomware, which has impacted over 250 organizations and extracted $42 million in ransoms. Akira commonly targets organizations through VPN vulnerabilities and lacks of MFA.

Who Is At Risk

  • Organizations with VPN access
  • Healthcare sector
  • Manufacturing
  • Professional services
  • Education

Affected Products

Cisco ASA, Cisco FTD, FortiClient VPN

Is your business exposed?

Immediate Actions

  1. 1.

    Enable MFA on all VPN systems

  2. 2.

    Patch VPN appliances immediately

  3. 3.

    Monitor for Cisco ASA/FTD vulnerabilities

  4. 4.

    Implement strict access controls

  5. 5.

    Deploy endpoint detection

Official Source

https://www.cisa.gov/news-events/cybersecurity-advisories/aa24-109a

Is your business exposed?

Check if your company data is circulating on the dark web

Free scan • No credit card required

Privacy PolicyYour Privacy Choices