Central Technology Solutions Blog

The SamSam Ransomware Is Absolutely No Joke

The funny thing about ransomware is that the strains are given very strange names: Bad Rabbit sounds like the name of a villainous bunny who gets his comeuppance in some type of modern nursery rhyme, not malware that would ravage hundreds of European businesses. Locky seems like the son of Candado de seguridad, a character Medeco would come up with to educate kids on proper physical security. The latest in a long line of funny-named ransomware, SamSam, isn’t a pet name for the ferret you perplexingly named Sam; it is one of the worst ransomware strains ever, and it has caught the attention of U.S. Federal law enforcement.

Both the Federal Bureau of Investigation and the Department of Homeland Security have issued alerts for the ransomware, also known as MSIL/Samas.A. The alert was issued on December 3, 2018, and outlines attacks on multiple industries, some of them operating crucial infrastructure. The ransomware has been in the news as of late, as two Iranian nationals, Faramarz Shahi Savandi and Mohammad Mehdi Shah Mansouri, were indicted by a U.S. grand jury in New Jersey for ransomware attacks on the Colorado Department of Transportation.

The pair is alleged to have victimized over 200 hospitals, businesses, government agencies, and schools in the U.S. and Canada beginning in 2015, extorting over $6 million over that time. In addition to these charges, the two hackers have now been indicted by the state of Georgia on charges that they were the ones who perpetrated the ransomware attack that crippled Atlanta’s government in March of 2018. Prosecutors state that by taking almost 3,800 of the City of Atlanta’s computers hostage, Mansouri and Savandi cost the city millions of dollars in consultant fees, downtime, and other costs.

What is SamSam?
SamSam is a privately developed ransomware that is used to target specific companies selected by its developers. This means that it isn’t commodity ransomware: it can’t be found on a criminal forum on the dark web, and it isn’t sold as a service like many other forms of ransomware. This is a major problem for any organization that is targeted, as none of the typical endpoint defensive strategies work to stop it.

What’s worse is that once a SamSam strain is used and security vendors publish a report on it, another SamSam strain is developed. It is thought that this development team includes the two hackers implicated in the Colorado DoT crimes, the Atlanta crimes, and hundreds of other attacks over the past three years.

What Can You Do?
Thus far the SamSam ransomware has entered victims’ networks using exploits in web-facing servers. Like millions of other pieces of malware, it has also been deployed as an executable file that a user mistakenly launches, or through brute-force attacks against the Remote Desktop Protocol (RDP). So, while you can lock down your RDP, your best bet is to have a dedicated strategy that:

  • Doesn’t allow unauthorized users to have administrative privileges
  • Limits use of Domain Access accounts to administration tasks
  • Doesn’t provide service accounts for important services
  • Restricts access to critical systems
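The RDP brute-force entry vector described above is something a defender can watch for in Windows Security logs. The following is an added example, not code from the original post or from Central Technology Solutions: it parses a constructed, flattened sample of logon events (Event ID 4625 = failed logon, 4624 = successful logon, logon type 10 = RDP) and flags source addresses that reach a failure threshold inside a time window, noting whether a successful RDP logon from that source followed the run. The one-line log layout, the threshold and the window are assumptions.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample of Windows Security events, flattened to one per line.
# 4625 = failed logon, 4624 = successful logon, LogonType 10 = RDP.
SAMPLE_LOG = """\
2018-12-03T02:14:01 EventID=4625 LogonType=10 Account=administrator Source=203.0.113.7
2018-12-03T02:14:03 EventID=4625 LogonType=10 Account=admin Source=203.0.113.7
2018-12-03T02:14:04 EventID=4625 LogonType=10 Account=backup Source=203.0.113.7
2018-12-03T02:14:06 EventID=4625 LogonType=10 Account=sysadmin Source=203.0.113.7
2018-12-03T02:14:09 EventID=4625 LogonType=10 Account=administrator Source=203.0.113.7
2018-12-03T02:14:11 EventID=4624 LogonType=10 Account=administrator Source=203.0.113.7
2018-12-03T09:30:00 EventID=4625 LogonType=10 Account=jsmith Source=192.0.2.25
2018-12-03T09:31:10 EventID=4625 LogonType=2 Account=jsmith Source=127.0.0.1
"""

# Assumed layout of the flattened line; real exports will need their own pattern.
LINE_RE = re.compile(r"^(?P<ts>\S+) EventID=(?P<eid>\d+) LogonType=(?P<lt>\d+) "
                     r"Account=(?P<acct>\S+) Source=(?P<src>\S+)$")

def parse_events(text):
    """Parse flattened log lines; lines that do not match the layout are skipped."""
    events = []
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if m:
            events.append({"ts": datetime.fromisoformat(m["ts"]), "eid": int(m["eid"]),
                           "lt": int(m["lt"]), "acct": m["acct"], "src": m["src"]})
    return events

def rdp_bruteforce_sources(events, threshold=5, window=timedelta(minutes=5)):
    """Map source IP -> (failed RDP logons in the first window that reaches the
    threshold, whether a successful RDP logon from that source came afterwards)."""
    fails = defaultdict(list)
    for e in events:
        if e["eid"] == 4625 and e["lt"] == 10:      # failed RDP logon only
            fails[e["src"]].append(e["ts"])
    hits = {}
    for src, stamps in fails.items():
        stamps.sort()
        for i, start in enumerate(stamps):
            run = [t for t in stamps[i:] if t - start <= window]
            if len(run) >= threshold:
                # A success right after a burst of failures is the case to escalate.
                followed = any(e["eid"] == 4624 and e["lt"] == 10 and e["src"] == src
                               and e["ts"] > run[-1] for e in events)
                hits[src] = (len(run), followed)
                break
    return hits
```

Running `rdp_bruteforce_sources(parse_events(SAMPLE_LOG))` on the sample reports only 203.0.113.7, with five failures followed by a successful RDP logon; the single failure from 192.0.2.25 and the local (type 2) failure are ignored.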

If you are diligent in your organizational cybersecurity practices, you should be able to conduct business as usual without having to worry about ransomware, SamSam or otherwise. If you are interested in knowing more about SamSam and how to stop it, contact the IT professionals at Central Technology Solutions for more information at 1-844-237-4300.
