Snake Ransomware: Here’s What MSSPs Need to Know
Cybercriminals are using Snake ransomware to target business networks and encrypt all devices connected to them, according to Bleeping Computer.
Snake was discovered last week by MalwareHunterTeam. It removes a network device’s Shadow Volume Copies and stops a variety of processes, including those related to SCADA systems, virtual machines, industrial control systems, remote management tools and network management software.
During a Snake attack, cybercriminals encrypt network device files (but skip those located in Windows system folders) and generate a ransom note. They also use Snake to encrypt entire networks rather than individual workstations.
In addition to Snake, cybercriminals recently have used Ryuk, LockerGoga and similar ransomware strains to launch cyberattacks. These ransomware strains enable cybercriminals to infiltrate networks, retrieve administrator credentials and encrypt files on network devices.
MSPs Fighting Ransomware: Basic First Steps
To get ahead of the ransomware threat, MSSP Alert and ChannelE2E have recommended that readers:
- Sign up immediately for U.S. Department of Homeland Security Alerts, which are issued by the Cybersecurity and Infrastructure Security Agency. Some of the alerts specifically mention MSPs, CSPs, telcos and other types of service providers.
- Study the NIST Cybersecurity Framework to understand how to mitigate risk within your own business before moving on to mitigate risk across your customer base.
- Explore cybersecurity awareness training for your business and your end-customers to drive down cyberattack hit rates.
- Connect the dots between your cybersecurity and data protection vendors. Understand how their offerings can be integrated and aligned to (A) prevent attacks, (B) mitigate attacks and (C) recover data if an attack circumvents your cyber defenses.
- Continue to attend channel-related conferences, but extend to attend major cybersecurity events — particularly RSA Conference, Black Hat and Amazon AWS re:Inforce. (PS: Also, keep your eyes open for PerchyCon 2020 — more details soon.)