Cyber Threat Actor: Akira Group
| Actor Type | Location | Known Incidents |
Criminal
|
Singapore
|
0 incidents |
|---|
Profile
The Akira Group is a cyber threat actor operating under that singular alias, with its activities publicly linked to Singapore. This group gained attention through a confirmed ransomware attack against Singaporean law firm Shook Lin & Bok in April 2024. During this incident, the attackers encrypted the firm's systems and demanded payment in bitcoin. The targeted organization reportedly paid approximately $1.89 million in ransom before notifying clients and authorities while working to restore operations. This operation demonstrates the group's focus on financial extortion through digital means against professional service entities within Singapore.
The group employs ransomware as its primary tool, specifically identified as Akira ransomware in their attack against the legal sector target. Their operational pattern involves encrypting victim systems followed by ransom demands in cryptocurrency, with bitcoin transactions serving as their preferred payment method. While the Shook Lin & Bok case represents their only publicly documented campaign, it establishes their targeting of Singapore-based legal institutions for monetary gain. The incident underscores the group's capability to compromise professional service organizations, prompting investigations by local authorities. Law enforcement and cybersecurity professionals continue to monitor their activities given the demonstrated impact on critical business operations.
