{"id":230472,"date":"2026-04-02T12:34:00","date_gmt":"2026-04-02T16:34:00","guid":{"rendered":"https:\/\/news-you-need.com\/index.php\/2026\/04\/02\/akira-ransomware-group-can-achieve-initial-access-to-data-encryption-in-less-than-an-hour\/"},"modified":"2026-04-02T12:34:00","modified_gmt":"2026-04-02T16:34:00","slug":"akira-ransomware-group-can-achieve-initial-access-to-data-encryption-in-less-than-an-hour","status":"publish","type":"post","link":"https:\/\/news-you-need.com\/index.php\/2026\/04\/02\/akira-ransomware-group-can-achieve-initial-access-to-data-encryption-in-less-than-an-hour\/","title":{"rendered":"Akira ransomware group can achieve initial access to data encryption in less than an hour"},"content":{"rendered":"<p><a href=\"https:\/\/cyberscoop.com\/akira-ransomware-initial-access-to-encryption-in-hours\/\">Akira ransomware group can achieve initial access to data encryption in less than an hour<\/a><\/p>\n<p><a href=\"https:\/\/cyberscoop.com\/akira-ransomware-initial-access-to-encryption-in-hours\/\">https:\/\/cyberscoop.com\/akira-ransomware-initial-access-to-encryption-in-hours\/<\/a><\/p>\n<p>Publish Date: <a href=\"publish_date]\">2026-04-02 12:34:00<\/a><\/p>\n<p>Source Domain: <a href=\"cyberscoop.com\">cyberscoop.com<\/a><\/p>\n<p>The Akira ransomware group has compromised hundreds of victims over the past year with a well-honed attack lifecycle that has whittled down the time from initial access to encryption of data in less than four hours, according to cybersecurity firm Halcyon.<\/p>\n<p>Akira has been active since 2023, racking up at least $245 million in ransom payments from victims through September 2025. The cybercriminal outfit likely includes former members and affiliates of the now-defunct Conti ransomware group, and is known for its polished approach to digital extortion.<\/p>\n<p>A primary example can be found in the efficiency of Akira\u2019s infection cycle, which has reduced incident response times to hours. According to Halcyon, Akira is known for using zero-day vulnerabilities, buying exploits from initial access brokers and exploiting VPNs lacking multifactor authentication to infect their victims. Akira also uses a process known as \u201cintermittent encryption,\u201d whereby large files can be encrypted faster in smaller blocks.<\/p>\n<p>\u201cAkira is more stealthy and less aggressive allowing the ransomware to move swiftly through the entire ransomware attack kill chain from initial access to exfiltration, and encryption in as little as 1 hour without detection,\u201d Halcyon wrote in a blog published Thursday. \u201cIn most cases, the time from initial access to encryption was less than four hours.\u201d\u00a0<\/p>\n<p>Additionally, while most ransomware operators tend to spend \u201cabout 90-95%\u201d of their time developing their encryption malware and 5-10% on crafting decryptors, Halcyon said Akira has made \u201cextensive efforts to ensure the recovery of large files, like server images,\u201d going so far as to temporarily auto-save files with custom .akira extensions to ensure they can be recovered if the encryption process is interrupted.<\/p>\n<p>Halcyon\u2019s blog notes that these efforts are likely less due to ethical principles than because the group believes offering functional decryptors increases the chance&#8230;<\/p>\n<p><a href=\"https:\/\/cyberscoop.com\/akira-ransomware-initial-access-to-encryption-in-hours\/\">Source<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Akira ransomware group can achieve initial access to data encryption in less than an hour&#8230;<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"","fifu_image_alt":"","footnotes":""},"categories":[15],"tags":[24,32],"class_list":["post-230472","post","type-post","status-publish","format-standard","hentry","category-cybersecurity","tag-cybersecurity","tag-malware"],"_links":{"self":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/230472"}],"collection":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/comments?post=230472"}],"version-history":[{"count":0,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/230472\/revisions"}],"wp:attachment":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/media?parent=230472"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/categories?post=230472"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/tags?post=230472"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}