The Russian hacker group behind the extortion attack on the Finnish IT giant

The hacker group’s blog post threatens public humiliation if the ransom demands are refused.

Traficom warned about the Akira ransomware less than two weeks ago.

Svenska Dagbladet reports that the Russian hacker group Akira is behind the extortion attack on Tietoevry. Tietoevry’s communications manager Alexandra Kärnlund confirms the matter to the Swedish newspaper.

Svenska Dagbladet reports that Akira’s blog threatens those who refuse the ransom demand with public humiliation. The hacker group was founded in April 2023 and since then has announced its attacks several times a week. So far, the group has not announced that it was behind the attack on Tietoevry.

Mattias Wåhlen, an expert who worked in Swedish intelligence, tells Svenska Dagbladet that although there is no complete certainty about the group’s background, in almost all similar attacks the traces of the perpetrator lead to Russia. According to him, the ransomware that appears in Sweden and other Nordic countries mostly originates from Akira.

– Akira is a criminal group that has developed a ransomware virus. They work together with freelancers, who in turn infect the IT systems. Their primary goal is financial gain.

Extortion malware, or ransomware, is a program that can be used to encrypt all files on an infected device or to lock the device completely. The criminal using the program then informs the owner of the device that he can only decrypt it if he pays the criminal a ransom in bitcoins.

The Finnish Transport and Communications Agency Traficom reported on Akira ransomware cases just under two weeks ago and pointed out that Finnish organizations are currently being targeted by them. According to the Cybersecurity Center, incidents were observed particularly often at the end of 2023.

The Cybersecurity Center emphasizes the importance of preparation and of procedures thought out in advance when preparing for attacks.

– Stealing information is a very sneaky way of operating because once the information is leaked, it is impossible to get it back with complete certainty. Even if blackmailers promise to delete data in exchange for a ransom payment, there is no real guarantee that the criminal will do so. Ransoms should never be paid, as it supports the continuation of crime and extortion, Traficom’s press release says.
