Ransomware Attack on Fiskars Group by Akira

Incident Date: May 14, 2024

Attack Overview

VICTIM

Fiskars Group

INDUSTRY

Consumer Services

LOCATION

USA

ATTACKER

Akira

FIRST REPORTED

May 14, 2024

Request Removal

Ransomware Attack on Fiskars Group by Akira

Victim Overview

Fiskars Group, a Finnish consumer goods company founded in 1649, fell victim to a cyberattack orchestrated by the ransomware group Akira. The company operates in the Consumer Services sector and is known for its diverse product portfolio, including scissors, gardening tools, kitchenware, and outdoor equipment. Fiskars Group employs around 6,595 people in over 30 countries and reported revenue of €1.25 billion.

Company Standout

The company is notable for its iconic orange-handled scissors introduced in 1967. The company has made significant acquisitions over the years, strengthening its position in various markets.

Company Vulnerabilities

As a leading consumer goods company with a global presence, Fiskars Group's extensive operations and valuable data make it an attractive target for threat actors like Akira. The company's large workforce and diverse product range may have provided multiple entry points for the ransomware group to exploit.

Attack Overview

Fiskars Group's website was compromised in the cyberattack by Akira. Approximately 2 TB of data was exfiltrated during the incident, highlighting the severity of the breach and the potential risks to the company's operations and data security.

Ransomware Group Akira

Akira is a rapidly growing ransomware family that targets small to medium-sized businesses across various sectors, including government, manufacturing, technology, and more. The group employs double extortion tactics, stealing data before encrypting systems and demanding ransom for decryption and data deletion.

Distinctive Features of Akira

The ransomware group distinguishes itself with ransom demands ranging from $200,000 to over $4 million and a unique dark web leak site with a retro 1980s-style interface. The group has been observed using unauthorized access to VPNs, credential theft, and deploying a previously unreported backdoor.

Penetration Methods

The group of cybercriminals has targeted both Windows and Linux-based systems, expanding its operations to include VMware ESXi virtual machines. The group continuously adapts its tactics to exploit vulnerabilities in organizations, making it a significant and evolving ransomware threat.

Sources:

See Halcyon in action

Interested in getting a demo?
Fill out the form to meet with a Halcyon Anti-Ransomware Expert!

Let's get started

First Name

Last Name

Phone Number

Buying Timeframe

halcyon.ai is committed to protecting and respecting your privacy, and we’ll only use your personal information to administer your account and to provide the products and services you requested from us. From time to time, we would like to contact you about our products and services, as well as other content that may be of interest to you. If you consent to us contacting you for this purpose, please tick below to say how you would like us to contact you:

I agree to receive other communications from halcyon.ai and acknowledge Halcyon's privacy policy.

You may unsubscribe from these communications at any time. For more information on how to unsubscribe, our privacy practices, and how we are committed to protecting and respecting your privacy, please review our Privacy Policy.

By clicking submit below, you consent to allow halcyon.ai to store and process the personal information submitted above to provide you the content requested.

Back

Thank you! Your submission has been received!

Oops! Something went wrong while submitting the form.