Industrial Control Systems Targeted by New EKANS Ransomware

Every day an increasing number of ransomware cases are being reported. In the past, ransomware was not typically designed to target Industrial Control Systems (ICS), but the arrival of EKANS ransomware has signaled a significant shift in the mindset of attackers.

This stresses the importance of implementing an Industrial Cybersecurity strategy for operational technology networks and devices.

EKANS attempts to cripple ICS infrastructure by encrypting files that the system is using, then once in displays a message requesting payment be made in order to decrypt the files. EKANS is distinguished by its attempts to specifically target and terminate key processes, from well-known industrial software and hardware running on an ICS PC.

The EKANS ransomware is an example of the shifting threats to the cyber ecosystem in which ICS is rapidly becoming integrated with. As new and more sophisticated ICS-focused malware continues to be developed, the up-time and availability of ICS remain critically important. The role of Cybersecurity in an industrial setting is of vital importance.