Ransomware Attacking Utilities

Nobody would have imagined that technological advancement would bring with it the capability to hack the utilities maintained in modern society. Over the last few years, various criminal organizations have proven that this is possible. Dragos, a cybersecurity firm located in Maryland, confirmed that a new file-encrypting malware named Ekans, or Snake, has become prevalent on dark web servers since 2019. Dragos provided detailed intelligence regarding this ransomware, noting that it is straightforward in its development and encrypts substantial file databases. Corporations operating these databases are handed a digital ransom note, which demands payment for the return of control over various systems.

There is a considerably darker element to this malware, with cybersecurity firms like Dragos expressing that it originates from the Middle East. The file-encrypting malware is darker because it targets manufacturing plants, sewage treatment facilities, power grids, oil refineries and multiple other forms of environmental and industrial services. This marks the first time that utility-based ransomware has been seen since 2016, when Ukraine had its power grids attacked, resulting in a nation-wide blackout. This extended to another attack in 2017 against Triton, a Middle Eastern IT firm. World governments have been slow to react to this form of cyber-terrorism, with minimal protection available to security firms.

After completing an extensive review of the Ekans ransomware, Dragos determined that this program could terminate sixty-four software processes on the Windows Vista and 10 operating systems. Many of these processes relate to industrial controls, which can enable multiple environmental systems to be shut down immediately. There is also significant concern that industrial factories will be attacked, causing robotic systems to stop functioning. Corporations will be forced to pay the required ransom to regain control, with the payments focusing on cryptocurrency. This means that blockchain brokerages could also be affected if governments refuse to meet terrorist demands.

Real-World Implications

This marks the first historical evidence of hackers creating file-encrypting malware designed to attack utility and manufacturing facilities. Although it is not the first time that cyber-criminals have used malware to attack industrial corporations, older forms of ransomware were used in those cases. Corporations could easily defend themselves against those, which is not possible against the Ekans ransomware. However, Dragos and other cybersecurity firms are working extensively to create a solution against this malware. Until that solution is released, global utility systems are vulnerable. It is anticipated that power grids in Europe and Asia could be attacked going forward.