Expert Insight: Enel Group Suffers Snake/Ekans Ransomware Attack

The European energy company giant Enel Group suffered a ransomware attack a few days ago that impacted its internal network. Detected on June 7, the incident is the work of EKANS (SNAKE) ransomware operators, the group that also targeted Honda earlier this week.

Jérôme Segura, Director of Threat Intelligence,  Malwarebytes
June 18, 2020
Both companies had some machines with Remote Desktop Protocol (RDP) access publicly exposed.
First public mentions of EKANS ransomware date back to January 2020, with security researcher Vitali Kremez sharing information about a new targeted ransomware written in GOLANG. The group appears to have a special interest for Industrial Control Systems (ICS), as detailed in this blog post by security firm Dragos. On June 8, a researcher shared samples of ransomware that supposedly was aimed at H ....
[Read More >>]
Oleg Kolesnikov, VP of threat research,  Securonix
June 15, 2020
The same malware was recently used on a ransomware attack against car manufacturer Honda.
Over the past few months, manufacturers around the globe shut down offices and plants in accordance with lockdown measures due to the COVID-19 pandemic. The recent ransomware attack that impacted Enel’s internal network highlights that critical infrastructure is incredibly vulnerable to ransomware attack because there is often no other choice but to pay the ransom in order to continue providing ....
[Read More >>]

If you are an expert on this topic:

Submit Your Expert Comments

In this article