Cyber security news for all

More

    Cybercriminals created the Ekans malware to attack industrial control systems

    A ransomware called Snake or Ekans targets industrial areas. But it seems that only cyber criminals are behind this mysterious malware that want to attack the files.

    The recently discovered ransomware Snake not only encrypts files on the target systems. Rather, the malware searches the target systems for hundreds of specific programs – including many that are used in industrial processes to control systems, and ends the processes. This removes the processes from the control of the operating team, the systems are virtually no longer controllable.

    Ekans malware

    Ekans Was Developed For Specific Cyber Attack Goals

    Attacks on industrial control systems with malware are not new. So far, they have mainly been attributed to state-controlled hackers. Ekans is said to be the creation of cybercriminals. The researchers classify the ransomware as a unique and specific risk for industrial companies. Among other things, the researchers found in the malware a list of commands and processes that belong to functions of industrial control systems, among other things with the aim of stopping these functions with a ransomware attack. So far, Ekans capabilities in this area have been limited, but still worried that industrial control systems are being attacked for purely financial reasons for the first time. As usual with ransomware, files are encrypted and given a new file extension. Victims also receive a ransom note with an email address to negotiate the ransom to be paid in a cryptocurrency.

    The ransomware appears to be spreading through a previously compromised network. The researchers also assume that Ekans was developed for specific goals. Although not deliberately destructive, missing relationships and issues with the victim’s environment could result in Ekans or similar malware that could end industrial processes having an unintended physical impact. The willingness to accept this possibility is deeply worrying.

    Experts advise operators of industrial control systems to separate them from the rest of the network, to back them up regularly and to save the backups offline. In addition, it is necessary to take into account attacks on industrial systems with the aim of extorting money in risk assessments. Organizations must work diligently who  reduce their attack surface through better network segmentation, better access and authentication mechanisms and increase the transparency of industrial networks to identify attacks before they come to an end.

    Recent Articles

    Maze leaks data on its own platform

    The Maze ransomware has been up to almost a year and a half. This week, security experts warned about the actions of the cyber...

    Emotet to spread the malware behind email archives

    If you find an attached pack to an email these days, you should be particularly careful: the highly developed malware Emotet could be lurking...

    500,000 Activision accounts have been leaked

    Activision has taken a position on the alleged leak. According to the publisher, there has never been a data leak. In some cases it is...

    Judge issues injunction against WeChat

    The US government wanted to take action against the app WeChat. A judge stood sideways. The app should disappear from the platforms in the...

    Mail provider Tutanota becomes target of cyber attacks

    Over the weekend, ongoing DDoS attacks and an infrastructure problem resulted in downtime for hundreds of users. While some were able to mitigate most...

    Related Stories

    Leave A Reply

    Please enter your comment!
    Please enter your name here

    Stay on op - Ge the daily news in your inbox