The agency called Akira a “top five” out of 130 ransomware variants targeting U.S. businesses.
The Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Security Agency (CISA), and international partners issued a joint advisory regarding the threat of Akira ransomware. The Akira ransomware group has been around since 2023 and uses the double-extortion model, encrypting the data it steals to increase pressure on victims. According to federal agencies, attackers threaten to release stolen information unless their demands are met, often contacting victims through encrypted channels if initial ransom deadlines pass. The FBI said it was in the top five of the variants they investigate.
The group targets small- and medium-sized businesses across the manufacturing, education, IT, health care, financial, and agriculture sectors by using stolen credentials, vulnerabilities, brute-force, and password-spraying attacks.
“Actors are incredibly adaptable and are emphasizing operational security in their actions. Their attacks are increasingly becoming more sophisticated, complex and layered,” said Assistant Director Brett Leatherman of the FBI Cyber Division. “They can be extremely costly for victims, often with remediation costs far outpacing those of the original demand.”
Federal authorities outlined recommended protections for individuals and organizations, emphasizing stronger cybersecurity practices to prevent the malware from taking hold.
As the Lord Leads, Pray with Us…
- For FBI and CISA officials as they seek to prevent cyberattacks that affect businesses, institutions, and everyday users.
- For U.S. national and homeland security personnel as they promote technological developments and security efforts to safeguard communities from exploitation.
Sources: ExecutiveGov, CyberScoop
