Image

Image

As you can see from the language in the ransom note, this ransomware specifically targets the entire network rather than individual workstations. They further indicate that any decryptor that is purchased will be for the network and not individual machines, but it is too soon to tell if they would make an exception.SNAKE isn't the first ransomware that's directed its focus to entire corporate networks. Back in March 2019, for instance, researchers discovered a new variant of the CryptoMix Clop ransomware family that claimed to target entire networks instead of individual users’ machines. A few months later, the security community learned of a new crypto-ransomware threat called “TFlower” targeting corporate environments via exposed Remote Desktop Services (RDS). The emergence of SNAKE ransomware highlights the need for organizations to defend themselves against a ransomware infection. They can use these recommendations to prevent a ransomware infection in the first place. They should also consider investing in a solution like Tripwire File Analyzer for the purpose of detecting suspicious files and behavior on the network.