Ransomware: Snake, the new enemy of factories

Computer security experts recently discovered a computer virus that could attack computer systems in industrial structures and shut them down.

Which is, we have to admit something new in the cybersecurity community. Conventional ransomware simply encrypts information system data, which they take hostage, allowing their publishers to demand payment of a certain ransom to victims in exchange for decryption keys. We remember that in 2019, the number of these programs that were used in cyberattacks almost doubled. Making the year in question "the year of ransomware" according to experts.

This article will also interest you: Ransomware attack: a Polynesian company has been surprised

However, Snake, that's how it was named, is a program a little apart. It is not a classic ransomware because it attacks the industrial network. It was discovered on January 7 after a computer security researcher at SentinelOne, a cybersecurity solutions firm, posted on his Twitter account. According to the latter, Snake would be able to damage the computer system of industrial sites and this at the level of critical operations.

According to data provided by FireEyes, malware is capable of defeating more than 10% of the services used today in the industry. We are talking about a hundred management tools. This shows the magnitude of the problem. David Grout, cybersecurity expert at FireEyes, warns about the dangerousness of this new program. He points out that it is software that is vulnerable to him, not just protocols. "Snakehose[le nom donné par FireEye à ce logiciel malveillant, ndlr] does not specialize in purely industrial protocols, such as Modbus or DNP3, but neutralizes processes or services of industrial equipment, such as human-machine interfaces or log management and backup software (historians)," our expert stressed.

But in practice it would seem that this Snake program is not really new, because according to the expert FireEyes: "Snakehose is not the first ransomware to target industrial networks," he continues. There was LockerGoga in 2019[qui a infecté Altran et le producteur norvégien d’aluminium Norsk Hydro, respectivement en janvier et en mars, ndlr]. But the list of services that Snakehose is capable of "killing" is much more important! ». To sum up, it is not at all original as malware, it seems to be the most dangerous in its class.

The emergence of such a program especially in these times of health problems demonstrated that the lure of the pirates' gain does not detract from it. And the industrial sector, which seems to be targeting this time, is in a very uncomfortable position. "The arrival of ransomware like Snake reflects the greed of cyber-friendly groups, who have realized that industrial victims tend to pay faster than others (territorial authorities, financial institutions, etc.). to return to production immediately. David Grout.

Now access an unlimited number of passwords:

Check out our hacking software