The Finnish National Cybersecurity Center (NCSC-FI) has issued a warning about increased Akira ransomware activity targeting companies in the country and wiping backups. According to the agency, six out of the seven reported ransomware incidents in December were attributed to the Akira ransomware.

The attackers have been targeting network-attached storage (NAS) devices and tape backup devices, destroying backups and putting pressure on victims to pay a ransom. The NCSC-FI recommends that organizations switch to using offline backups and follow the 3-2-1 rule for data protection.

The Akira ransomware attacks gained access to victims’ networks by exploiting CVE-2023-20269, a vulnerability affecting the VPN feature in Cisco Adaptive Security Appliance (ASA) and Cisco Firepower Threat Defense (FTD) products. To prevent attacks exploiting this vulnerability, organizations are advised to upgrade to Cisco ASA 9.16.2.11 or later and Cisco FTD 6.6.7 or later.

, , , , , , , ,
Show Comments

Fabio

Full Stack Developer

About the Author

I’m passionate about web development and design in all its forms, helping small businesses build and improve their online presence. I spend a lot of time learning new techniques and actively helping other people learn web development through a variety of help groups and writing tutorials for my blog about advancements in web design and development.

View Articles