A new threat report from cybersecurity company Dragos details the characteristics of a form of ransomware known as Ekans. This ransomware – also known as Snake – first emerged in December 2019 and has been designed for use against Windows systems used in industrial environments.
Researchers found Ekans contains a list of commands and processes associated with a number of industrial control system-specific functionalities aimed at stopping these functions in a ransomware attack.
While this functionality is described as limited, researchers’ analysis of Ekans notes that it still represents “a deeply concerning evolution in ICS-targeting malware” because it indicates that cyber criminals are now targeting ICS operation systems purely for financial gain.