Cyber security news for all


    Cybercriminals created the Ekans malware to attack industrial control systems

    A ransomware called Snake, or Ekans, targets industrial environments. But it seems that only cybercriminals, who want to attack the files, are behind this mysterious malware.

    The recently discovered ransomware Snake does not only encrypt files on the target systems. The malware also searches the target systems for hundreds of specific programs, including many that are used in industrial processes to control systems, and ends those processes. This removes the processes from the control of the operating team; the systems are virtually no longer controllable.


    Ekans Was Developed For Specific Cyber Attack Goals

    Attacks on industrial control systems with malware are not new. So far, they have mainly been attributed to state-controlled hackers. Ekans, however, is said to be the creation of cybercriminals. The researchers classify the ransomware as a unique and specific risk for industrial companies. Among other things, they found in the malware a list of commands and processes that belong to functions of industrial control systems, with the aim, among other things, of stopping these functions in a ransomware attack. So far, Ekans' capabilities in this area have been limited, but it is still worrying that industrial control systems are being attacked for purely financial reasons for the first time. As usual with ransomware, files are encrypted and given a new file extension. Victims also receive a ransom note with an email address for negotiating the ransom, which is to be paid in a cryptocurrency.

    The ransomware appears to be spreading through a previously compromised network. The researchers also assume that Ekans was developed for specific goals. Although Ekans is not deliberately destructive, missing relationships and issues with the victim's environment could result in Ekans, or similar malware that can end industrial processes, having an unintended physical impact. The willingness to accept this possibility is deeply worrying.

    Experts advise operators of industrial control systems to separate them from the rest of the network, to back them up regularly and to save the backups offline. In addition, risk assessments must take into account attacks on industrial systems that aim to extort money. Organizations must work diligently to reduce their attack surface through better network segmentation and better access and authentication mechanisms, and to increase the transparency of industrial networks in order to identify attacks before they come to an end.
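
One way to act on the advice to identify attacks early is to watch for the behaviour described above, many control-system programs ending on one host within seconds. The sketch below is an added example, not code from the researchers or the article; the watchlist names, the log format and the sample events are constructed, and events are assumed to arrive in time order.

```python
from collections import deque
from datetime import datetime, timedelta

# Constructed watchlist: hypothetical stand-ins for a site's own HMI,
# historian and licensing processes (the article names none).
WATCHED = {"hmi_server.exe", "historian_svc.exe", "opc_gateway.exe", "license_mgr.exe"}

# Constructed sample events: "<ISO time> <host> PROCESS_EXIT <image name>".
SAMPLE_LOG = """\
2020-02-03T10:02:11 hmi-01 PROCESS_EXIT hmi_server.exe
2020-02-03T13:40:00 hmi-02 PROCESS_EXIT historian_svc.exe
2020-02-03T13:40:02 hmi-02 PROCESS_EXIT opc_gateway.exe
2020-02-03T13:40:03 hmi-02 PROCESS_EXIT chrome.exe
2020-02-03T13:40:05 hmi-02 PROCESS_EXIT hmi_server.exe
2020-02-03T13:40:06 hmi-02 PROCESS_EXIT license_mgr.exe
"""

def parse(line):
    """Return (timestamp, host, image) for a PROCESS_EXIT line, else None."""
    parts = line.split()
    if len(parts) != 4 or parts[2] != "PROCESS_EXIT":
        return None
    try:
        ts = datetime.fromisoformat(parts[0])
    except ValueError:
        return None  # malformed timestamp: ignore the line
    return ts, parts[1], parts[3].lower()

def find_bursts(log_text, window=timedelta(seconds=30), threshold=3):
    """Alert when a host loses >= threshold distinct watched processes in window."""
    recent = {}  # host -> deque of (timestamp, image) for watched exits
    alerts = []
    for line in log_text.splitlines():
        event = parse(line)
        if event is None or event[2] not in WATCHED:
            continue
        ts, host, image = event
        q = recent.setdefault(host, deque())
        q.append((ts, image))
        while q and ts - q[0][0] > window:
            q.popleft()  # drop exits that fell out of the window
        distinct = sorted({img for _, img in q})
        if len(distinct) >= threshold:
            alerts.append((host, ts.isoformat(), distinct))
            q.clear()  # report each burst once
    return alerts

if __name__ == "__main__":
    for alert in find_bursts(SAMPLE_LOG):
        print(alert)
```

A single watched process exiting, as on hmi-01 in the sample, stays below the threshold; tune the window and threshold to the site's normal maintenance behaviour.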
