Companies advised not to pay if hit by Akira ransomware

/in


RECOMMENDED MEASURES

The authorities advised companies to implement and regularly monitor the compliance of several mitigation measures and policies in order to reduce the risks and impact of a ransomware incident.

Organisations should enforce strong password policies requiring the use of strong passwords or passphrases requiring at least 12 characters with mixed composition- upper case letter, lower case letter, numbers and special characters.

They should also implement multi-factor authentication to minimise the risk of unauthorised access to all internet-facing services like VPNs and accounts that access critical systems.

Reputable anti-virus or anti-malware software can help to detect the presence of Akira or other ransomware variants, the authorities said.

“This can be done through real-time monitoring of system processes, network traffic, and file activity for indicators of compromise typically associated with the malware.”

The software can be configured to block the execution of suspicious files, prevent unauthorised remote connections, and restrict access to sensitive files and folders.

“Organisations should periodically scan their systems and networks for vulnerabilities and regularly update all operating systems, applications, and software by applying the latest security patches promptly, especially for functions critical to the business,” said the police, CSA and PDPC.

Companies using older applications that are no longer supported by the developer should migrate to newer alternatives.

Segregating networks can also help control traffic flow between sub-networks, limiting the spread of ransomware. Organisations should also monitor their logs for any suspicious activities and carry out remediation measures where necessary.

Routine backups of important data should be conducted. The authorities recommended companies follow the 3-2-1 rule when performing backups: Keep three copies of backups, store them in two different media formats and store one set of backups off-site.

Conducting incident response exercises and developing business continuity plans can help improve an organisation’s readiness for a ransomware attack, they added. 

Retaining only essential…

Source…