Snake Ransomware Attacking ICS

Ransomware continues to be an active, evolving threat and one of the newest strains to emerge is Snake (also known as EKANS, which is simply “Snake” spelled backward).

First appearing at the end of December last year, the most interesting feature of Snake is that it targets industrial control systems (ICS) environments – not the individual machines, but the entire network. Designed to terminate specific processes on victim machines, including multiple items related to ICS operations, it also deletes Volume Shadow Copies to eliminate Window backups. 

While there is currently no decryption available, systems running Acronis Active Protection – the AI-based anti-malware defense that is integrated into our cyber protection solutions – successfully detects Snake ransomware as a zero-day attack and stops it in its tracks.