Akira Ransomware Group Targets Association of Missouri Electric Cooperatives
Incident Date:
April 11, 2024
Overview
Title
Akira Ransomware Group Targets Association of Missouri Electric Cooperatives
Victim
Association of Missouri Electric Cooperatives
Attacker
Akira
Location
First Reported
April 11, 2024
Ransomware Attack on Association of Missouri Electric Cooperatives
Overview
The Association of Missouri Electric Cooperatives (AMEC) is a statewide association representing 47 member cooperatives that provide electricity to over 1.5 million Missourians in rural areas. AMEC offers legislative advocacy, safety training, education programs, and promotes sustainability and environmental stewardship.
The recent ransomware attack by the group Akira has compromised the company's private files, which may include employee details, business partners, accounting data, etc.
Company Size
AMEC is a non-profit organization that serves as a support system for its member cooperatives, which range in size from small to large enterprises. Most of the victims targeted by the Akira ransomware group are small to medium-sized businesses, making it a potential target due to its association with multiple cooperatives.
Industry Standing
AMEC stands out in the Healthcare Services sector for its commitment to promoting safe and reliable electric service, education and training, legislative advocacy, and sustainability efforts. The association's mission to enhance the quality of life for rural Missourians sets them apart in the industry.
Vulnerabilities
AMEC's involvement in legislative advocacy and representation of rural electric cooperatives at state and federal levels could make them a target for threat actors seeking to disrupt critical infrastructure. Additionally, the association's focus on promoting sustainability and energy efficiency may attract ransomware groups looking to exploit vulnerabilities in environmental initiatives.
Ransomware Group Akira
A recent advisory from CISA, the FBI, Europol, and the Netherlands’ National Cyber Security Centre (NCSC-NL) disclosed that the Akira ransomware operators have amassed $42 million in ransom payments from over 250 global victims since early 2023. Akira ransomware emerged in March 2023, with its operators boasting of infiltrating various sectors such as education, finance, and real estate. Notably, they've devised a Linux encryptor to target VMware ESXi servers, akin to other ransomware groups.
Sources:
Recent Ransomware Attacks
The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.
The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.