Industrial Control System Ransomware Threat

Many times on this blog we’ve discussed the trend towards ever higher value targets when it comes to hacking, malware and ransomware. Well this week reported on a new ransomware that appears to target Industrial Control Systems (ICS) may have taken the high-value target trend to a whole new level.

ICS – What Runs Industry Around the Globe

Virtually every significant manufacturing and utility concern in the world runs some sort of ICS and many run the same ICS software packages, GE’s, Proficy and Fanuc and Honeywell’s Thingworx. This means that if this new ransomware labeled by researchers as Snake or EKANS proves to be a serious threat much of the world’s industry could be at risk.

Encrypt and Terminate

In addition to encrypting files for ransom EKANS also terminates 64 other software processes, many of which are specific to ICS. The net effect is that victims can find their ability to run and monitor critical processes greatly reduced.

State Sponsored or Cyber Criminals?

It appears to be to soon to know whether we are seeing the culmination of the high-value target cybercrime trend or perhaps a state sponsored actor looking to disguise its tracks by layering on ransomware. Since EKANS shares many similar traits with Megacortex, an ICS ransomware that appeared in the spring of 2019 this has led Vital Kremez, a researcher at Sentinel One to believe we are seeing the former. And that is scary since critical infrastructure and large-scale manufacturing are, well, critical and the last thing we need is to have them being routinely targeted for ransoms by cyber-criminals.

Konsultek Knows Security

Konsultek collaborates with the best security companies in the world like Checkpoint, Forescout and Gigamon to develop security solutions that no single company alone could provide by themselves. If it is time for your organization to step up to world class security solutions then by all means give us a call!


© Copyright 2018 Konsultek