Before Encryption, ICS-Targeting Snake Ransomware Isolates Infected Systems

It also deletes shadow copies to prevent recovery. As part of more recent attacks, the ransomware takes the malicious activity one step further, by trying to isolate the compromised systems before starting the process of encrypting individual files. Snake (also known as EKANS) emerged as a major threat to industrial control systems (ICS), initially detailed in January this year due to targeting processes specific to those environments. In addition, the malware would then search for processes that could interfere with and disrupt the encryption process, including those related to industrial systems, security tools, and backup solutions. In addition, the security firm states that after initial compromise, the ransomware tends to prefer domain controllers on the network, and that it explicitly searches for them.

"Snake will use the Windows firewall before starting the encryption in order to block any incoming and outgoing network connections on the victim's machine that aren't configured in the firewall. To that end, Windows built-in netsh tool will be used," explains Deep Instinct, a cybersecurity firm. To this end, the developers of Snake packed the threat with the ability to enable and disable the firewall, and to use specific commands to block unwanted system connections. It is suspected the ransomware was responsible for last month's Honda cyber incident. While analyzing Snake's behaviour, Fortinet also identified that after the encryption process was complete the malicious tool turned the firewall off. If successful in infecting a domain controller, Snake "can impact requests for security authentication within the network domain, thus severely affecting network users," Fortinet notes.

One of Snake's main features is the killing of processes from a predefined list, including processes related to ICS, to encrypt resources associated with them in an attempt to further entice victims to pay the ransom to restore affected systems. However, just as before, the ransomware avoids encrypting system-critical directories and files. To that end, it uses a WMI query to determine the role on the network of different machines.
