Printable pdf: SafeAlert-Akira Ransomware Uptick. Follow Safe Cyber Practices SA31

We have seen an increase in the number of banks reporting Akira ransomware attacks. As one of the most sophisticated and prolific ransomware groups active today, the Akira ransomware group executes a double extortion method by both freezing networks and threatening to publish exfiltrated data.

Recent attacks exploited a commonly used SSL VPN connection service/product. It is recommended that I/T staff should ensure that all patches are implemented and be on alert for network anomalies. 

The Akira attack method usually involves the following steps:

Common Akira network intrusion methods and corresponding prevention techniques include:

---

This information provides guidance and is not intended as a legal interpretation of any federal, state or local laws, rules or regulations. The facts of any potential claims situation which may actually arise, and the terms, conditions, exclusions, and limitations in any policy in effect at that time, are unique. Thus, no representation is made that any specific insurance coverage applies. ABA Insurance Services Inc. (“ABAIS”) does not warrant that all potential hazards or conditions have been evaluated or can be controlled. Coverage may not be available in all states. The liability of ABAIS and its affiliates is limited to the terms, limits and conditions of the insurance policies issued by ABAIS. ABA Insurance Services Inc. is an Ohio domiciled agency with its principal place of business at 3401 Tuttle Rd., Suite 300, Shaker Heights, OH 44122. © 2025 ABA Insurance Services Inc., dba Cabins Insurance Services in CA (CA license #0G63200), ABA Insurance Services of Kentucky Inc. in KY, and ABA Insurance Agency Inc. in MI. SA31 (082025)