U.S. and European government agencies on April 18 recommended specific best practices for organizations to protect against the latest version of Akira ransomware, which has attacked critical infrastructure and other organizations in North America, Europe, and Australia over the past year. It was recommended that it be introduced. Additionally, U.S. and international organizations have recently published best practices for safely deploying artificial intelligence systems.
“Akira ransomware code can attack both Windows-based and Linux-based systems,” said John Riggi, AHA national advisor on cybersecurity and risk. “In evolving its tactics to reduce detection and maximize the impact of its attacks, Akira uses two different variants of ransomware and is capable of leveraging publicly available tools and applications when carrying out its attacks. Your healthcare organization's cybersecurity team should review this alert closely and consider disabling remote access tools and activating the tools mentioned, especially the AdFind tool related to Active Directory discovery. Our AI guidance is a great resource that is most applicable to organizations deploying and operating externally developed AI systems on-premises or in private cloud environments. These best practices are not applicable to organizations leveraging AI systems deployed by other companies.
For more information about this or other cyber and risk issues, please contact Riggi at jriggi@aha.org. For the latest cyber and risk resources and threat intelligence, visit aha.org/cybersecurity.
