Call Us Now

+91 9606900005 / 04

For Enquiry

legacyiasacademy@gmail.com

About The Akira Ransomware

Context:

Recently, the Computer Emergency Response Team of India issued an alert for ransomware dubbed Akira.

Relevance:

GS III: Security Challenges

Dimensions of the Article:

  1. About Akira Ransomware:
  2. What is ransomware?
  3. What is Cyber Attack and Cyber Security?
  4. What are other similar types of Cyber Attacks?

Akira Ransomware

  • Akira Ransomware is a malicious software designed to encrypt data on targeted devices, leaving them inaccessible to users.
  •  It appends the “.akira” extension to the filenames of all encrypted files, giving it its name.
  • The ransomware also creates a ransom note and deletes Windows Shadow Volume copies to hinder data recovery.
Working Mechanism:
  • The ransomware closes processes and Windows services that could prevent it from encrypting files.
  • It exploits VPN services, especially when users haven’t enabled two-factor authentication, to deliver malicious files.
  • The ransomware uses the Windows Restart Manager API to terminate active Windows services, ensuring smooth encryption.
  • It avoids encrypting crucial system folders like Program Data, Recycle Bin, Boot, and System Volume information to maintain system stability.
  • Certain Windows system files with extensions like “.syn,” “.msl,” and “.exe” are also left unmodified.
  • Once data is encrypted and stolen, Akira leaves a ransom note named “akira_readme.txt,” providing information about the attack and a link to the negotiation site.
  • Each victim receives a unique negotiation password to communicate with the ransomware gang through the threat actor’s Tor site.
  • Unlike typical ransomware operations, Akira’s negotiation site employs a chat system, allowing direct communication with the ransomware gang.

What is ransomware?

  • Ransomware is a type of malicious software, used by cyber criminals, to infect a computer system by blocking access to the stored data by encrypting the files.
  • A ransom is then demanded from the owner in exchange for the decryption key.
  • While it is not yet clear as to how exactly the AIIMS computer systems were targeted, the malware may usually be injected remotely by tricking the user into downloading it upon clicking an ostensibly safe web link sent via email or other means, including hacking.
  • It can spread throughout the network by exploiting existing vulnerabilities. Ransomware attacks can also be accompanied by theft of sensitive data for other sinister motives.

What is Cyber Attack and Cyber Security?

  • Cyber attack is an assault launched by cybercriminals using one or more computers against a single or multiple computers or networks. A Cyber Attack can maliciously disable computers, steal data, or use a breached computer as a launch point for other attacks. Cybercriminals use a variety of methods to launch a Cyber Attack, including malware, phishing, ransomware, denial of service, among other methods.
  • Cybersecurity means securing the cyberspace from attack, damage, misuse and economic espionage. Cyberspace is a global domain within the information environment consisting of interdependent IT infrastructure such as Internet, Telecom networks, computer systems etc.

What are other similar types of Cyber Attacks?

  • Viruses which are the most commonly-known form of malware and potentially the most destructive. They can do anything from erasing the data on your computer to hijacking your computer to attack other systems, send spam, or host and share illegal content.
  • Worm is a type of malware that spreads copies of itself from computer to computer which can replicate itself without any human interaction, and it does not need to attach itself to a software program in order to cause damage.
  • Trojan is a type of malware that is often disguised as legitimate software which can be employed by cyber-thieves and hackers trying to gain access to users’ systems.
  • Spyware collects your personal information and passes it on to interested third parties without your knowledge or consent. Spyware is also known for installing Trojan viruses.
  • Adware displays pop-up advertisements when you are online.
  • Fake security software poses as legitimate software to trick you into opening your system to further infection, providing personal information, or paying for unnecessary or even damaging “clean ups”.
  • Browser hijacking software changes your browser settings (such as your home page and toolbars), displays pop-up ads and creates new desktop shortcuts. It can also relay your personal preferences to interested third parties.

Which agencies in India deal with cyber-attacks?

  • Set up in 2004, the Indian Computer Emergency Response Team (CERT-In) is the national nodal agency that collects, analyses and circulates inputs on cyber-attacks; issues guidelines, advisories for preventive measures, forecasts and issues alerts; and takes measures to handle any significant cyber security event.
  • It also imparts training to computer system managers.
  • The National Cyber Security Coordinator, under the National Security Council Secretariat, coordinates with different agencies at the national level on cybersecurity issues, while the National Critical Information Infrastructure Protection Centre has been set up for the protection of national critical information infrastructure.
  • According to the government, the Cyber Swachhta Kendra (Botnet Cleaning and Malware Analysis Centre) has been launched for detection of malicious software programmes and to provide free tools to remove the same, while the National Cyber Coordination Centre works on creating awareness about existing and potential threats.

-Source: The Hindu

Recent Posts
May 2024
MTWTFSS
 12345
6789101112
13141516171819
20212223242526
2728293031 
Categories
Tags
Biodiversity Budget Disaster management Diseases Economic Development Economic Survey Education GS-1 Art and Culture GS-1 Geography GS-1 History GS-1 Indian Society GS-2 Agriculture GS-2 Bilateral GS-2 Environment and Ecology GS-2 Executive and judiciary GS-2 Geography GS-2 Governance GS-2 Health GS-2 Indian Constitution GS-2 Indian Economy GS-2 International Relations GS-2 Polity and Constitution GS-2 Social Justice GS-2 Welfare Schemes GS-3 Agriculture GS-3 Disaster Management GS-3 Environment and Ecology GS-3 Food Processing GS-3 Growth and Development GS-3 Indian Economy GS-3 Industry and Infrastructure GS-3 Internal Security GS-3 Science and Technology GS2 GS 3 International Relations History Optional Strategy Indian economy International Institutions Motivation PIB Preparation Strategy for History Optional Sociology Optional Strategy Space Technology Welfare Schemes Women Empowerment
Enquire Now

About

Legacy IAS Academy (LIA) is a well-known name for IAS Preparation in Bangalore. LIA is a group of experienced faculties, which included retired IAS/IPS/IRS officers, Academics, and extraordinary tutors from trusted Institutes in India.

Newsletter

Stay updated with our latest analysis on Daily Current affairs from the Hindu, Indian Express and other leading newspapers along with our PIB and Editorial Summaries.
Register now and be a part of the clan to not miss even a single update on getting one step closer to your dreams!

    Facebook Twitter Youtube Instagram Telegram

    Contact us

    Legacy IAS Academy – Drive Location 

    Address: #1535, 39th Cross Rd, Kottapalya, 4th T Block East, Jayanagara 9th Block, Jayanagar, Bengaluru, Karnataka 560041

    Phone: +91 9606900005 /04

    Email:  legacyiasacademy@gmail.com

                  info@legacyias.com

    Legacy IAS Academy © 2019-2024 All Rights Reserved.