Comment: Ransomware Attacks Are Now Targeting Industrial Control Systems

A new threat report from cybersecurity company Dragos details the characteristics of a form of ransomware known as Ekans. This ransomware – also known as Snake – first emerged in December 2019 and has been designed for use against Windows systems used in industrial environments.

Researchers found Ekans contains a list of commands and processes associated with a number of industrial control system-specific functionalities aimed at stopping these functions in a ransomware attack.

While this functionality is described as limited, researchers’ analysis of Ekans notes that it still represents “a deeply concerning evolution in ICS-targeting malware” because it indicates that cyber criminals are now targeting ICS operation systems purely for financial gain.

 

Subscribe
Notify of
guest
1 Expert Comment
Newest
Oldest Most Voted
Inline Feedbacks
View all comments
Moreno Carullo
Moreno Carullo , Co-founder and CTO
InfoSec Expert
February 8, 2020 10:34 am

Industrial control systems (ICS) are the nucleus to those organisations in manufacturing and utilities environments. Adversaries know if they can infect it, they can shut down the entire infrastructural body, preventing it from operating, producing and generating profit. Such high costs means that impacted companies are likely to pay the ransom in order to maintain some level of productivity and business continuity. With this in mind, it’s a surprise it’s taken cybercriminals so long to target ICS for profit.

To defend against Ekans, I advise suspectible companies to look to proven technologies that leverage artificial intelligence and machine learning to continuously monitor their ICS networks for anomalies that detect and mitigate possible attacks that could cause harm to the ICS.

Last edited 2 years ago by Moreno Carullo
1
0
Would love your thoughts, please comment.x
()
x