Australia and New Zealand are facing a sharp rise in ransomware activity driven by the Akira threat group, which is exploiting a known SonicWall SSL-VPN vulnerability. Businesses of all sizes are being targeted, with attackers moving rapidly from initial access to data theft and extortion.
Akira operates on a “ransomware-as-a-service” model: affiliates breach systems, steal data, and often encrypt networks to force payment. Since 2023, the group has attacked hundreds of organisations worldwide, extracting millions in ransom.
Together with our partners Atmos and CyberCX, we have issued updated guidance to help organisations respond. Immediate priorities include upgrading SonicWall appliances, enforcing MFA, and ensuring incident response protocols are in place.
Now is the time to act. Confirm with your IT or security teams that SonicWall’s recommendations have been implemented, and make sure your organisation is prepared if targeted. Download our latest Executive Brief for full details (available on the right for desktop users, or at the bottom for mobile users).
Contents of this publication are provided for general information only. It is not intended to be interpreted as advice on which you should rely and may not necessarily be suitable for you. You must obtain professional or specialist advice before taking, or refraining from, any action on the basis of the content in this publication. Lockton arranges the insurance and is not the insurer. Any insurance cover is subject to the terms, conditions and exclusions of the policy. For full details refer to the specific policy wordings and/or Product Disclosure Statements available from Lockton on request.
