Snake ransomware emerged in December of 2019 attacking large companies and enterprises. This particular type of malware specifically targets business networks and works in a pretty straight-forward manner: it encrypts all connected devices while removing shadow copies and killing processes such as remote management, network management software, virtual machines, etc., and then you get a ransom note.
The Danger of Snake Ransomware and the Effect on Its Victims
Snake ransomware is a huge threat to large companies and enterprises as it carefully cripples its victims by not only encrypting their devices, but also by causing downtime on the victim’s day-to-day operations. This is exactly what happened to Honda in an attack on June, 2020, where the company had to shut down operations in several locations worldwide.
Cyber criminals using ransomware are well aware of the cost that a company faces by having to shut down and enforce downtime due to an attack. This allows attackers to raise the price of the ransom that is to be paid. It’s all about economics for snake ransomware criminals who seek to maximise their earnings as much as possible.
Honda is not the only big enterprise to have fallen victim to this type of attack. Fresenius, which is Europe’s largest private hospital operator was one of the first victims of this attack. Enel Argentina is another company that has been a victim of this threat. Although all of these companies have experienced huge losses and delays due to ransomware, none of them have spoken publicly about the attacks or confirmed how they were affected directly.
Snake Ransomware Insight
MalwareHunterTeam were the first to discover this type of attack, who have already attempted to reverse engineer the malware in an attempt to learn more about this new type of threat. From the findings so far, it seems that this type of attack is written in Golang, and unlike normal types of ransomware it contains a higher level of obfuscation.
This type of attack goes straight for the entire network of a company, not just a device or workstation – and that’s the scary part for any business. Honda for example had its entire financial sector affected by this malware.
Since this is such a new type of attack, it’s difficult to know if the malware can be decrypted for free without having to pay the ransom. So far no weaknesses have been found on this malware and it seems like it is going to be around for a long time. This type of malware works by campaigns where the virus targets several different companies simultaneously or within the same period, which means you could be next.
Your best bet to protect your company and yourself is to work with a trusted cybersecurity company that has the expertise to work on security issues such as these. This is not the type of attack that can be prevented by simply installing some software on your work equipment, so you will need to work with someone who has your best interest at heart. To learn more about how to protect your company contact CyberNinjas for more information.