"New Ransomware Targets Industrial Control Systems"

New ransomware aimed at disrupting the processes associated with industrial control systems (ICS) operations, called EKANS, is being analyzed by security researchers from SentinelOne, Dragos, and the MalwareHunterTeam. According to researchers, EKANS ransomware forcefully stops processes commonly related to ICS products. The ransomware's kill list made references to ICS-specific functionalities, including GE'S Proficy data historian, GE Fanuc licensing server services, and Honeywell's HMIWeb application. EKANS cannot inject commands or control ICS-related processes. Therefore, it is limited to disrupting administrators' visibility of operations and network activities. This article continues to discuss the ICS-specific functionalities targeted by EKANS ransomware as well as the limitations of this ransomware.

Help Net Security reports "New Ransomware Targets Industrial Control Systems"