Ransomware is ever-changing, and this is never more evident than when a ransomware group changes their tactics to access networks.
We have recently seen a change in attacks from the ransomware group Akira, flagging it as an even more pressing issue for businesses across the globe.

Akira is a prominent malware group that has predominantly targeted US and Canadian businesses.
They aim to steal data and information from companies which they hold ransom. Like many other ransomware groups, they threaten to release the data if the ransom isn’t paid by their deadline.
Previously, Akira was known to infiltrate systems and networks through Cisco ASA firewalls.
However, recently, we have noticed that they are changing entrance tactics and now target SonicWall SSLVPNs.
This means that accounts with weak passwords and that haven’t got multi-factor authentication (MFA) set up are easy targets.
This shift in operation for such a large and notable ransomware group simply highlights the need for strong and secure passwords and multi-step authentication.
The news suggests that the ransomware group is expanding their targets, making it even more of a concern for businesses across the world.


There are several steps that we recommend you take to protect your network and servers.
We are on hand to help you ensure everything is in place to keep your network secure and as safe as possible from Akira and other ransomware groups.
Our team are experts in this industry and will be able to offer advice and guidance on how you can make sure your networks are safe.
If you suspect you are under attack from Akira or another ransomware group, don’t hesitate to get in touch with our ransomware recovery team.
As we have teams across the country, we can get on-site as soon as possible, enabling a quick reaction.
Our on-site Digital Forensics & Incident Response Team will get an understanding of the situation before examining and analysing the breach and working towards containing the attack and recovering your network.
Call us now on 01202 308818 or complete our online contact form, and we will give you a callback.

Solace Cyber helps companies across the UK recover from ransomware attacks and data breaches.
Ransomware Recovery
Ransomware Groups
BEC Recovery
About Us
Blog
News
SOLACE CYBER LTD is registered in England & Wales no. 14028838

Solace Cyber
Twin Sails House,
W Quay Rd,
Poole, BH15 1JF
United Kingdom