The Connection, Inc Blog

The Connection, Inc has been serving the Hazlet area since 1992, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

The SamSam Ransomware Is Absolutely No Joke


The funny thing about ransomware is the very strange names it is given: Bad Rabbit sounds like the name of a villainous bunny who gets his comeuppance in some type of modern nursery rhyme, not malware that would ravage hundreds of European businesses. Locky seems like the son of Candado de seguridad, a character Medeco would come up with to educate kids on proper physical security. The latest in a long line of funny-named ransomware, SamSam, isn’t a pet name for the ferret you perplexingly named Sam; it is one of the worst ransomware strains ever, and it has caught the attention of U.S. federal law enforcement.

Both the Federal Bureau of Investigation and the Department of Homeland Security have issued alerts for the ransomware, also known as MSIL/Samas.A. The alert was issued on December 3, 2018, and outlines an attack on multiple industries, some with crucial infrastructure. The ransomware has been in the news as of late, as two Iranian nationals, Faramarz Shahi Savandi and Mohammad Mehdi Shah Mansouri, were indicted by a U.S. grand jury in New Jersey for ransomware attacks on the Colorado Department of Transportation.

The pair is alleged to have victimized over 200 hospitals, businesses, government agencies, and schools in the U.S. and Canada beginning in 2015, extorting over $6 million over that time. In addition to these charges, the two hackers have now been indicted by the state of Georgia on charges that they were the ones who perpetrated the ransomware attack that crippled Atlanta’s government in March of 2018. By taking almost 3,800 of the City of Atlanta’s computers hostage, prosecutors state, Mansouri and Savandi have cost the city millions of dollars in consultant fees, downtime, and other costs.

What is SamSam?
SamSam is a privately developed ransomware that is being used to target specific companies selected by the developers. This means that it isn’t just a commodity ransomware: it can’t be found on some type of criminal forum on the dark web, and it isn’t sold as a service like many other forms of ransomware. This is a major problem for any organization that is targeted, as none of the typical endpoint defensive strategies work to stop it.

What’s worse is that once a SamSam strain is used and security vendors publish a report, another SamSam strain is developed. It is thought that this development team includes the two hackers implicated in the Colorado DoT crimes, the Atlanta crimes, and hundreds of other attacks over the past three years.

What Can You Do?
Thus far the SamSam ransomware has entered victims’ networks using exploits in web-facing servers. Like millions of other pieces of malware, it has also been deployed as an executable file that is mistakenly unleashed, or via brute force over the Remote Desktop Protocol. So, while you can lock down your RDP, your best bet is to have a dedicated strategy that:

  • Doesn’t allow unauthorized users to have administrative privileges
  • Limits use of Domain Access accounts to administration tasks
  • Doesn’t provide service accounts for important services
  • Restricts access to critical systems
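
Brute-force attempts over RDP, one of the entry routes named above, leave a recognizable pattern in the Windows Security event log. The sketch below is an added example, not code from The Connection, Inc or from the FBI/DHS alert; the sample events, addresses, account names, the five-minute window and the threshold of five are constructed assumptions.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Windows Security log: 4625 = failed logon, 4624 = successful logon.
# LogonType 10 = RemoteInteractive (RDP); failed RDP logons with Network Level
# Authentication are typically recorded as LogonType 3 (Network).
RDP_LOGON_TYPES = {3, 10}
WINDOW = timedelta(minutes=5)   # assumed tuning values, adjust per environment
THRESHOLD = 5

T0 = datetime(2019, 3, 1, 2, 0, 0)
# Constructed sample events: (time, EventID, LogonType, source IP, account).
SAMPLE = (
    [(T0 + timedelta(seconds=10 * i), 4625, 3, "203.0.113.50", "administrator")
     for i in range(6)]
    + [(T0 + timedelta(seconds=70), 4624, 10, "203.0.113.50", "administrator"),
       (T0 + timedelta(hours=7), 4625, 10, "198.51.100.7", "jsmith"),
       (T0 + timedelta(hours=7, seconds=20), 4624, 10, "198.51.100.7", "jsmith"),
       (T0 + timedelta(hours=8), 4625, 2, "-", "jsmith")]  # console logon, ignored
)

def detect_rdp_bruteforce(events, window=WINDOW, threshold=THRESHOLD):
    """Flag source IPs with >= threshold failed RDP logons inside the window,
    and list accounts that then logged on successfully from such an IP."""
    recent = defaultdict(deque)   # ip -> timestamps of recent failures
    alerts = {}
    for ts, event_id, logon_type, ip, user in sorted(events):
        if logon_type not in RDP_LOGON_TYPES:
            continue
        failures = recent[ip]
        while failures and ts - failures[0] > window:
            failures.popleft()    # drop failures that aged out of the window
        if event_id == 4625:
            failures.append(ts)
        if len(failures) < threshold:
            continue
        alert = alerts.setdefault(ip, {"max_failures": 0, "success_after": []})
        alert["max_failures"] = max(alert["max_failures"], len(failures))
        if event_id == 4624:
            alert["success_after"].append(user)   # password was likely guessed
    return alerts

if __name__ == "__main__":
    for ip, alert in detect_rdp_bruteforce(SAMPLE).items():
        print(ip, alert)
```

A non-empty `success_after` list is the case to escalate first: it means a logon succeeded from an address that had just been guessing passwords.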

If you are diligent in your organizational cybersecurity practices, you should be able to conduct business as usual without having to worry about ransomware, SamSam or otherwise. If you are interested in knowing more about SamSam and how to stop it, contact the IT professionals at The Connection, Inc for more information at (732) 291-5938.

 

Tuesday, 19 March 2019