Akira Ransomware Group Targets Association of Missouri Electric Cooperatives

Incident Date:

April 11, 2024

World map

Overview

Title

Akira Ransomware Group Targets Association of Missouri Electric Cooperatives

Victim

Association of Missouri Electric Cooperatives

Attacker

Akira

Location

Jefferson City, USA

Missouri, USA

First Reported

April 11, 2024

Ransomware Attack on Association of Missouri Electric Cooperatives

Overview

The Association of Missouri Electric Cooperatives (AMEC) is a statewide association representing 47 member cooperatives that provide electricity to over 1.5 million Missourians in rural areas. AMEC offers legislative advocacy, safety training, education programs, and promotes sustainability and environmental stewardship.

The recent ransomware attack by the group Akira has compromised the company's private files, which may include employee details, business partners, accounting data, etc.

Company Size

AMEC is a non-profit organization that serves as a support system for its member cooperatives, which range in size from small to large enterprises. Most of the victims targeted by the Akira ransomware group are small to medium-sized businesses, making it a potential target due to its association with multiple cooperatives.

Industry Standing

AMEC stands out in the Healthcare Services sector for its commitment to promoting safe and reliable electric service, education and training, legislative advocacy, and sustainability efforts. The association's mission to enhance the quality of life for rural Missourians sets them apart in the industry.

Vulnerabilities

AMEC's involvement in legislative advocacy and representation of rural electric cooperatives at state and federal levels could make them a target for threat actors seeking to disrupt critical infrastructure. Additionally, the association's focus on promoting sustainability and energy efficiency may attract ransomware groups looking to exploit vulnerabilities in environmental initiatives.

Ransomware Group Akira

A recent advisory from CISA, the FBI, Europol, and the Netherlands’ National Cyber Security Centre (NCSC-NL) disclosed that the Akira ransomware operators have amassed $42 million in ransom payments from over 250 global victims since early 2023. Akira ransomware emerged in March 2023, with its operators boasting of infiltrating various sectors such as education, finance, and real estate. Notably, they've devised a Linux encryptor to target VMware ESXi servers, akin to other ransomware groups.

Sources:

Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.