Security Affairs reports that organizations across Finland were warned by the country's National Cyber Security Centre regarding mounting Akira ransomware attacks against network-attached storage and backup devices since last month.
Akira was involved in six of seven ransomware attacks across the country in December, three of which have been deployed during the extended vacations of the Christmas season, said NCSC-FI in its alert. Attacks deployed by Akira have been targeted at Cisco Adaptive Security Appliance and Cisco Firepower Threat Defense appliances impacted by the zero-day flaw, tracked as CVE-2023-20269, which could be leveraged to facilitate brute-force intrusions. "In all cases, careful efforts have been made to destroy the backups, and the attacker will find it difficult to do this. NAS (Network-Attached Storage) servers that are often used for backups on the network have been hacked and wiped, as have automatic tape backup devices, and in almost every case we know of, all backups have been lost," the alert said.
Akira was involved in six of seven ransomware attacks across the country in December, three of which have been deployed during the extended vacations of the Christmas season, said NCSC-FI in its alert. Attacks deployed by Akira have been targeted at Cisco Adaptive Security Appliance and Cisco Firepower Threat Defense appliances impacted by the zero-day flaw, tracked as CVE-2023-20269, which could be leveraged to facilitate brute-force intrusions. "In all cases, careful efforts have been made to destroy the backups, and the attacker will find it difficult to do this. NAS (Network-Attached Storage) servers that are often used for backups on the network have been hacked and wiped, as have automatic tape backup devices, and in almost every case we know of, all backups have been lost," the alert said.
