Ransomware Gang Emerged in 2023, Also Hits Many Other Critical Sectors
For at least the third time in two years authorities are warning the healthcare and other sectors – including small and mid-sized businesses in those industries – of evolving threats posed by the Akira ransomware gang. Akira first surfaced in March 2023 but to date claims more than 1,119 victims and ransom proceeds of nearly $244.2 million.
The Health-Information Sharing and Analysis Center has tracked at least 24 Akira ransomware incidents affecting the health sector since the group emerged in 2023, said Errol Weiss, Health-ISAC chief security officer.
In the healthcare sector, Akira has historically targeted high-value critical operations including hospitals, outpatient facilities, medical device manufacturers, cloud-based EHR platforms and third-party IT service providers, he said.
“These targets are attractive due to their high ransom payment potential, as healthcare organizations face immense pressure to restore operations quickly. They also host patient records and medical research data, which is lucrative for double-extortion schemes,” he said.
Akira’s attacks against medical device manufacturers have recently spiked with at least three victims in the last 90 days, Weiss said. “Akira’s focus on third-party vendors is particularly concerning, as these vendors often serve as a conduit to larger healthcare networks, amplifying the potential impact of attacks.”
Akira is symptomatic of a broader trend Health-ISAC is seeing in ransomware, Weiss said. That’s the professionalization of cybercrime. “Groups like Akira operate with a business-like structure, using affiliate partners, leveraging initial access brokers and continuously evolving their tactics,” he said.
Read the article in Healthcare Info Security. Click Here
