How’s your cybersecurity? Do you know what ransomware is, or what a phishing email looks like? If not, it might be time to learn. The latest ransomware to wreak havoc on business networks in particular is called Snake. Flagged by MalwareHunterTeam in January, it’s been winding its way into computers and asking those infected to cough up if they want to access their files again.
What is Snake?
Snake is a form of ransomware, which is a kind of malware that encrypts all the files and programs on your machine and essentially holds them to ransom. To get them back, you’ll need to contact the hackers directly and send them some cash, usually in an online currency such as Bitcoin.
How does it get on my computer?
It’s difficult to say for certain how Snake finds its path to computers - but we suspect it’s through an infected URL, or a phishing email. Often ransomware and malware will be installed onto websites, and just wait for an unsuspecting user to find their way to it. Some of these may be older sites with poor security or that have been long abandoned, and have subsequently been hacked.
Once a user has clicked an infected link, Snake is installed. As expected, Snake specifically targets business networks, which means that everything you’re connected to through your computer is encrypted. Every document and program, and any client information and records, are held to ransom.
Snake also runs a few other complicated little processes to bring your business to its knees. Before encryption even occurs, it targets enterprise management tools and industrial control systems (ICS). ICS are the control systems that machinery often uses, meaning that whether it is a laser cutting machine or an MRI scanner, Snake can effectively stop anyone from being able to control it.
Machines that use ICS are often very expensive to replace, and the hardware inside is usually soldered in - meaning there’s no easy fix once you’re infected. For businesses with operational teams, Snake is especially damaging. Finally, the ‘Fix-Your-Files.txt’ ransom note is left on your computer, with the email address to contact for the decryption key.
What should I do if Snake infects my computer?
We do not recommend using the email to contact the hackers or paying the ransom. There is no guarantee that they’ll deliver the decryption key. Ensure that anyone not currently connected to your network is aware of the issue, and instruct them not to connect to the network. Then contact your IT support team directly.
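For the IT support team scoping the damage, a read-only sweep for the ransom note named above shows which folders and shares were hit and roughly when. The Python script below is an added example, not part of the original article; matching the note name case-insensitively and treating the note’s modification time as the time it was written are assumptions.

```python
import os
import sys
from datetime import datetime, timezone

# Ransom note name given in the article; compared in lower case (assumption).
NOTE_NAME = "fix-your-files.txt"


def find_ransom_notes(root):
    """Walk root without modifying anything; return (path, mtime) per note found."""
    hits = []
    # onerror ignores unreadable folders so one locked directory
    # does not stop the sweep of the rest of the share.
    for dirpath, _dirs, files in os.walk(root, onerror=lambda err: None):
        for name in files:
            if name.lower() != NOTE_NAME:
                continue
            path = os.path.join(dirpath, name)
            try:
                hits.append((path, os.stat(path).st_mtime))
            except OSError:
                hits.append((path, None))  # listed but not readable
    return hits


def summarize(hits):
    """Return affected folders and the earliest note timestamp in UTC."""
    folders = sorted({os.path.dirname(path) for path, _ in hits})
    times = [t for _, t in hits if t is not None]
    first = datetime.fromtimestamp(min(times), tz=timezone.utc) if times else None
    return {"note_count": len(hits), "directories": folders, "first_seen_utc": first}


if __name__ == "__main__":
    root = sys.argv[1] if len(sys.argv) > 1 else "."
    report = summarize(find_ransom_notes(root))
    print(f"{report['note_count']} ransom note(s) under {root}")
    for folder in report["directories"]:
        print("  affected:", folder)
    if report["first_seen_utc"]:
        print("earliest note written (UTC):", report["first_seen_utc"].isoformat())
```

Run it against a mounted copy of a file share or backup; a backup with no hits and a date before the earliest note is a candidate for restore.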
How should I protect myself from Snake?
The most important thing is to back up your systems and ensure that the backup isn’t connected to your network. In the case of Snake, anything that is connected to your network and computer can be encrypted - and that includes all of your backups. A disaster recovery plan is also really important just in case the worst happens. Our awesome IT support team will be happy to talk you through backups and disaster recovery for your business.
Making sure you, your colleagues and your employees are aware of malware and phishing emails is also important. The biggest security vulnerability for businesses is users themselves. Ensuring that everyone knows what to do when a dodgy email arrives in their inbox will stop your business falling victim to one of these scams.