Singapore Warns Businesses of Rising Bitcoin Ransomware Threat

Singaporean businesses are now on high alert as the notorious Akira ransomware, responsible for stealing $42 million from over 250 organizations globally, sets its sights on the island nation.

In a collaborative effort, the Cyber Security Agency of Singapore, the Singapore Police Force, and the Personal Data Protection Commission have issued a joint advisory warning local businesses about the increasing threat posed by an Akira ransomware variant. This alert follows a series of complaints from victims of the cyberattack, underscoring the urgency of the situation.

The Federal Bureau of Investigation (FBI) in the United States has previously identified that Akira ransomware targets businesses and critical infrastructure. Singaporean authorities have detailed several measures to detect, deter, and neutralize these attacks. Key among their advice is a strong recommendation against paying ransoms.

Attackers demand cryptocurrency payments, predominantly in Bitcoin, to release control over compromised systems and data. However, Singaporean officials emphasize that paying ransom does not ensure data recovery or prevent further attacks. Instead, they urge immediate reporting of incidents to the authorities.

“If your organization’s systems have been compromised with ransomware, we do not recommend paying the ransom and advise you to report the incident immediately to the authorities. Paying the ransom does not guarantee that the data will be decrypted or that threat actors will not publish your data,” the advisory states.

To mitigate the threat, businesses are encouraged to adopt robust cybersecurity practices. These include implementing a comprehensive recovery plan, enabling multifactor authentication, filtering network traffic, disabling unused ports and hyperlinks, and ensuring system-wide encryption.

Adding to the cybersecurity landscape, Kaspersky recently highlighted North Korean hackers targeting South Korean crypto businesses with Durian malware. Durian’s advanced backdoor capabilities enable command execution, additional file downloads, and file exfiltration, showcasing the sophisticated nature of modern cyber threats. The involvement of Andariel, a subgroup within the infamous Lazarus Group, suggests a complex network of cybercriminals at play.

Singaporean businesses must remain vigilant and proactive in their cybersecurity efforts to combat the rising threat of ransomware and other malicious attacks. By staying informed and adopting recommended practices, companies can better protect themselves against these evolving dangers.