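The FBI and other international cybersecurity agencies have issued a warning about the Akira ransomware gang, which has affected more than 250 organizations and extorted $42 million since March 2023. Akira targets Windows and Linux systems, using pre-installed VPNs that lack MFA to extract credentials and lock systems. The attackers demand payment in Bitcoin, but rather than leaving an initial ransom demand they deal with victims directly.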
Akira Ransomware: A Global Threat with Dire Implications
Washington, D.C. - A year-old ransomware group known as Akira has emerged as a formidable cyberthreat, targeting businesses and critical infrastructure entities worldwide. In a joint cybersecurity advisory, top global cybersecurity agencies, including the United States Federal Bureau of Investigation (FBI), Cybersecurity and Infrastructure Security Agency (CISA), Europol's European Cybercrime Centre (EC3), and the Netherlands' National Cyber Security Centre (NCSC-NL), have issued a stark warning about the group's malicious activities.
Investigations conducted by the FBI have revealed that Akira ransomware has breached more than 250 organizations, extorting an estimated $42 million in ransom payments. Its targets have spanned North America, Europe, and Australia, with a wide range of industries and sectors falling victim to its malicious code. Akira initially targeted Windows systems, but the FBI has also detected a Linux variant, expanding the group's reach even further.
The joint cybersecurity advisory provides a detailed analysis of Akira's tactics, techniques, and procedures (TTPs). The ransomware group gains initial access through pre-installed virtual private networks (VPNs) that lack multifactor authentication (MFA), a critical security measure that adds an extra layer of protection by requiring multiple forms of identification. Once inside the network, Akira proceeds to extract credentials and other sensitive information before locking up the system and displaying a ransom note.
Notably, Akira threat actors deviate from typical ransomware practices by not leaving an initial ransom demand or payment instructions on compromised networks. Instead, they wait for the victim organization to contact them, creating a sense of uncertainty and urgency. The ransomware group demands payments in Bitcoin (BTC), a decentralized digital currency that allows for anonymous transactions.
To protect against Akira ransomware and similar threats, the advisory recommends implementing a comprehensive set of cybersecurity best practices. These measures include:
- Developing and regularly testing a recovery plan
- Enabling MFA on all remote access systems
- Filtering network traffic, including blocking unused ports and disabling hyperlinks
- Encrypting data across the entire system
- Regularly updating software and applying security patches
The advisory also highlights the importance of continually testing security programs in a production environment to ensure optimal performance against the latest cyber threats.
"The FBI, CISA, EC3, and NCSC-NL strongly encourage organizations to take these recommendations seriously and implement appropriate security measures to protect their systems and data," the advisory concludes.
The emergence of Akira ransomware is a stark reminder of the evolving sophistication and global reach of cybercrime. It underscores the need for organizations of all sizes to prioritize cybersecurity, adopt robust security measures, and remain vigilant against evolving threats.