Security measures that companies can enact now to safeguard industrial control systems
A particularly dangerous strain of ransomware uncovered by security firms SentinelOne and Dragos this past month targets industrial control systems (ICS), which bridge digital and physical systems on high-value industrial assets such as energy plants, power grids and oil rigs. As reported in Wired magazine, a piece of code called Snake (EKANS) encrypts data and demands payment from victims before releasing it, much like other ransomware. What makes it stand out is that industrial operating systems are among those in EKANS's crosshairs.
Sophisticated as EKANS and other ransomware can be, Cognite sees three immediate security measures that can significantly reduce risk and defend valuable industrial systems against the vast majority of present and future malware:
- Ransomware often enters a system through email phishing. Companies need to run robust worker training on identifying, avoiding and reporting potential phishing attempts. A phishing-immune workforce makes for tighter ICS security.
- Keep your systems up to date. As obvious as it might sound, run the monthly security updates on your IT and operating systems. Operating systems are an increasingly popular gateway for gaining access to the ICS, and they can be effectively shielded by regular patches and updates.
- Backups are a crucial part of recovery once a disaster has already happened.
Experts are still drilling into the intricacies of the EKANS ransomware, but companies can boost their preparedness and reduce risk by having their security and IT teams take these early steps in the immediate aftermath of malware discoveries.
Delve into EKANS’s deeper technicalities and malware protection in general (external links):