
Symmetric Engineering Group Blogs

The SamSam Ransomware Is Absolutely No Joke

The funny thing about ransomware is the strange names its strains are given: Bad Rabbit sounds like the name of a villainous bunny who gets his comeuppance in some type of modern nursery rhyme, not malware that would ravage hundreds of European businesses. Locky seems like the son of Candado de seguridad, a character Medeco would come up with to educate kids on proper physical security. The latest in a long line of funny-named ransomware, SamSam, isn’t a pet name for the ferret you perplexingly named Sam; it is one of the worst ransomware strains ever, and it has caught the attention of U.S. federal law enforcement.

Both the Federal Bureau of Investigation and the Department of Homeland Security have issued alerts for the ransomware, also known as MSIL/Samas.A. The alert was issued on December 3, 2018, and outlines an attack on multiple industries, some with crucial infrastructure. The ransomware has been in the news as of late, as two Iranian nationals, Faramarz Shahi Savandi and Mohammad Mehdi Shah Mansouri, were indicted by a U.S. grand jury in New Jersey for ransomware attacks on the Colorado Department of Transportation.

The pair is alleged to have victimized over 200 hospitals, businesses, government agencies, and schools in the U.S. and Canada beginning in 2015, extorting over $6 million over that time. In addition to these charges, the two hackers have now been indicted by the state of Georgia on charges that they perpetrated the ransomware attack that crippled Atlanta’s government in March of 2018. By taking almost 3,800 of the City of Atlanta’s computers hostage, prosecutors state, Mansouri and Savandi have cost the city millions of dollars in consultant fees, downtime, and other costs.

What is SamSam?
SamSam is a privately developed ransomware that is being used to target specific companies selected by the developers. This means that it isn’t just a commodity ransomware, it can’t be found on some type of criminal forum on the dark web, and it isn’t sold as a service like many other forms of ransomware. This is a major problem for any organization that is targeted, as none of the typical endpoint defensive strategies work to stop it.

What’s worse is that once a SamSam strain is used and security vendors publish a report, another SamSam strain is developed. It is thought that this development team includes the two hackers implicated in the Colorado DoT crimes, the Atlanta crimes, and hundreds of other attacks over the past three years.

What Can You Do?
Thus far the SamSam ransomware has entered victims’ networks using exploits in web-facing servers. Like millions of other pieces of malware, it has been deployed as an executable file that is mistakenly unleashed, or through brute-force attacks against the Remote Desktop Protocol (RDP). So, while you can lock down your RDP, your best bet is to have a dedicated strategy that:

  • Doesn’t allow unauthorized users to have administrative privileges
  • Limits use of Domain Access accounts to administration tasks
  • Doesn’t provide service accounts for important services
  • Restricts access to critical systems
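
The RDP brute-force route described above leaves a run of failed logons in the Windows Security log (event ID 4625), sometimes followed by a successful one (4624). As an added example that is not part of the original article, this Python code flags source addresses with a burst of failed remote logons and reports whether a logon then succeeded; the event records, threshold and time window are constructed assumptions.

```python
from collections import defaultdict
from datetime import datetime, timedelta

FAILED, SUCCESS = 4625, 4624   # Windows Security log: failed / successful logon
REMOTE_TYPES = {3, 10}         # 10 = RemoteInteractive (RDP); 3 = Network (RDP with NLA, also other network logons)

# Constructed sample records: (time, event ID, logon type, source IP, account)
SAMPLE_EVENTS = [
    ("2018-12-03T02:10:01", 4625, 10, "203.0.113.7", "administrator"),
    ("2018-12-03T02:10:04", 4625, 10, "203.0.113.7", "administrator"),
    ("2018-12-03T02:10:09", 4625, 10, "203.0.113.7", "admin"),
    ("2018-12-03T02:10:15", 4625, 3, "203.0.113.7", "backup"),
    ("2018-12-03T02:10:21", 4625, 3, "203.0.113.7", "backup"),
    ("2018-12-03T02:10:30", 4625, 3, "203.0.113.7", "backup"),
    ("2018-12-03T02:11:30", 4624, 10, "203.0.113.7", "backup"),
    ("2018-12-03T08:55:00", 4625, 10, "198.51.100.20", "jsmith"),
    ("2018-12-03T08:55:40", 4624, 10, "198.51.100.20", "jsmith"),
    ("2018-12-03T09:00:00", 4625, 2, "-", "jsmith"),  # console logon, not remote
]

def find_rdp_bruteforce(events, threshold=5, window=timedelta(minutes=5)):
    """Flag source IPs with >= threshold failed remote logons inside one window."""
    failures, successes = defaultdict(list), defaultdict(list)
    for ts, event_id, logon_type, ip, account in events:
        if logon_type not in REMOTE_TYPES:
            continue
        bucket = failures if event_id == FAILED else successes if event_id == SUCCESS else None
        if bucket is not None:
            bucket[ip].append((datetime.fromisoformat(ts), account))
    findings = {}
    for ip, fails in failures.items():
        fails.sort()
        start = 0
        for end, (when, _) in enumerate(fails):
            while when - fails[start][0] > window:   # slide the window forward
                start += 1
            if end - start + 1 >= threshold:
                findings[ip] = {
                    "failures": len(fails),
                    "accounts_tried": sorted({a for _, a in fails}),
                    # A success after the burst means a guess probably worked.
                    "logged_in_as": sorted({a for t, a in successes[ip] if t >= when}),
                }
                break
    return findings

if __name__ == "__main__":
    for ip, detail in find_rdp_bruteforce(SAMPLE_EVENTS).items():
        print(ip, detail)
```

A non-empty `logged_in_as` is the case to escalate first: that account's password should be treated as known to the attacker.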

If you are diligent in your organizational cybersecurity practices, you should be able to conduct business as usual without having to worry about ransomware, SamSam or otherwise. If you are interested in knowing more about SamSam and how to stop it, contact the IT professionals at Symmetric Engineering Group for more information at (813) 749-0895.
