Ransomware Attack on Panasonic Australia by Akira Group

Company Overview

Panasonic Australia Pty Limited, a subsidiary of the global Panasonic Corporation, operates in the manufacturing sector, providing a wide range of electronic products and solutions tailored to both consumer and business markets. With approximately 160 employees, the company is headquartered in Macquarie Park, New South Wales. Panasonic Australia is a market leader in consumer electronics and B2B solutions, offering products such as home appliances, audio-visual equipment, personal care products, and advanced technological solutions for various industries.

Attack Overview

Panasonic Australia has confirmed a ransomware attack by the Akira group, which listed the company on its darknet leak site. In response, Panasonic Australia secured its systems and initiated an investigation by forensic IT specialists. The company assured that their network is secure and daily operations remain unaffected. The investigation so far indicates no evidence of business or customer data being accessed by the attackers. Continuous 24-hour network monitoring has not detected any further threats. Despite these reassurances, the Akira group claimed to have obtained sensitive data, including project details and confidential agreements, and has announced intentions to release this data publicly.

About the Akira Ransomware Group

Akira is a rapidly growing ransomware family that first emerged in March 2023. The group targets small to medium-sized businesses across various sectors, including manufacturing, technology, and telecommunications. Akira operators use double extortion tactics, stealing data before encrypting systems and demanding a ransom for both decryption and data deletion. Their ransom demands typically range from $200,000 to over $4 million. Akira's unique dark web leak site features a retro 1980s-style interface that victims must navigate by typing commands. The group has been observed using tools like RClone, FileZilla, and WinSCP for data exfiltration and has expanded its operations to target Linux-based VMware ESXi virtual machines in addition to Windows systems.

Potential Vulnerabilities

Given Panasonic Australia's extensive portfolio and market leadership, it becomes a lucrative target for ransomware groups like Akira. The company's involvement in various sectors, including consumer electronics and B2B solutions, means it handles a significant amount of sensitive data. Unauthorized access to VPNs, credential theft, and lateral movement within the network are common tactics used by Akira to penetrate systems. The company's proactive measures, such as securing systems and continuous network monitoring, are crucial in mitigating the impact of such attacks.

Sources

• Panasonic Australia
• IBISWorld - Panasonic Australia Pty Limited
• Panasonic Australia - Company Overview
• Trend Micro - Ransomware Spotlight: Akira
• Sophos News - Akira: The Ransomware That Keeps on Taking
• Tripwire - Akira Ransomware: What You Need to Know
• Trellix - Akira Ransomware
• IC3 - Akira Ransomware