
The Connection, Inc Blog

The Connection, Inc has been serving the Hazlet area since 1992, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

The SamSam Ransomware Is Absolutely No Joke


The funny thing about ransomware is the very strange names its strains are given: Bad Rabbit sounds like the name of a villainous bunny who gets his comeuppance in some type of modern nursery rhyme, not malware that would ravage hundreds of European businesses. Locky seems like the son of Candado de seguridad, a character Medeco would come up with to educate kids on proper physical security. The latest in a long line of funny-named ransomware, SamSam, isn’t a pet name for the pet ferret you perplexingly named Sam; it is one of the worst ransomware strains ever, and it has caught the attention of U.S. federal law enforcement.

Both the Federal Bureau of Investigation and the Department of Homeland Security have issued alerts for the ransomware, also known as MSIL/Samas.A. The alert was issued on December 3, 2018, and outlines attacks on multiple industries, some with crucial infrastructure. The ransomware has been in the news as of late, as two Iranian nationals, Faramarz Shahi Savandi and Mohammad Mehdi Shah Mansouri, were indicted by a U.S. grand jury in New Jersey for ransomware attacks on the Colorado Department of Transportation.

The pair is alleged to have victimized over 200 hospitals, businesses, government agencies, and schools in the U.S. and Canada beginning in 2015, extorting over $6 million over that time. In addition to these charges, the two hackers have now been indicted by the state of Georgia on charges that they were the ones who perpetrated the ransomware attack that crippled Atlanta’s government in March of 2018. By taking almost 3,800 of the City of Atlanta’s computers hostage, prosecutors state, Mansouri and Savandi have cost the city millions of dollars in consultant fees, downtime, and other costs.

What is SamSam?
SamSam is a privately developed ransomware that is being used to target specific companies selected by the developers. This means that it isn’t just a commodity ransomware, it can’t be found on some type of criminal forum on the dark web, and it isn’t sold as a service like many other forms of ransomware. This is a major problem for any organization that is targeted, as none of the typical endpoint defensive strategies work to stop it.

What’s worse is that once a SamSam strain is used and security vendors publish a report, another SamSam strain is developed. It is thought that this development team includes the two hackers implicated in the Colorado DoT crimes, the Atlanta crimes, and hundreds of other attacks over the past three years.

What Can You Do?
Thus far, the SamSam ransomware has entered victims’ networks using exploits in web-facing servers. Like millions of other pieces of malware, it has been deployed as an executable file that is mistakenly unleashed, or via brute-force attacks against the Remote Desktop Protocol (RDP). So, while you can lock down your RDP, your best bet is to have a dedicated strategy that:

  • Doesn’t allow unauthorized users to have administrative privileges
  • Limits use of Domain Access accounts to administration tasks
  • Doesn’t provide service accounts for important services
  • Restricts access to critical systems
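
Because brute force against RDP is one of the entry routes named above, here is an added example (not from the original post or the federal alert) of how failed-logon bursts can be spotted in Windows Security log data. The record field names, the threshold and the time window are assumptions for illustration; the sample events are constructed.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

RDP_LOGON_TYPES = {3, 10}  # 10 = RemoteInteractive (RDP); 3 = Network (RDP with NLA)

def _ev(time, event_id, ip, user, logon_type=10):
    return {"time": time, "event_id": event_id, "ip": ip,
            "user": user, "logon_type": logon_type}

# Constructed sample data shaped like fields exported from the Windows Security
# log (4625 = failed logon, 4624 = successful logon). Not real telemetry.
SAMPLE_EVENTS = (
    # Six failures in under a minute from one address, then a success.
    [_ev(f"2019-01-01T03:00:{s:02d}", 4625, "203.0.113.7", u) for s, u in
     zip(range(0, 60, 10), ["admin", "administrator", "backup", "svc_sql", "admin", "jsmith"])]
    + [_ev("2019-01-01T03:01:05", 4624, "203.0.113.7", "jsmith"),
       # A user who mistypes twice and then logs in stays below the threshold.
       _ev("2019-01-01T09:00:00", 4625, "198.51.100.20", "mlee"),
       _ev("2019-01-01T09:00:20", 4625, "198.51.100.20", "mlee"),
       _ev("2019-01-01T09:00:40", 4624, "198.51.100.20", "mlee")]
    # Console failures (LogonType 2) are not RDP and are ignored.
    + [_ev(f"2019-01-01T10:00:0{s}", 4625, "-", "kiosk", logon_type=2) for s in range(6)]
)

def detect_rdp_bruteforce(events, threshold=5, window=timedelta(minutes=2)):
    """Alert on source IPs with >= threshold failed RDP logons inside `window`,
    and record the first account that logs on successfully from that IP afterwards."""
    recent = defaultdict(deque)   # ip -> timestamps of failures still inside the window
    tried = defaultdict(set)      # ip -> account names seen in failures
    alerts = {}
    for ev in sorted(events, key=lambda e: e["time"]):
        if ev["logon_type"] not in RDP_LOGON_TYPES:
            continue
        ip, ts = ev["ip"], datetime.fromisoformat(ev["time"])
        if ev["event_id"] == 4625:
            tried[ip].add(ev["user"])
            q = recent[ip]
            q.append(ts)
            while ts - q[0] > window:
                q.popleft()
            if len(q) >= threshold and ip not in alerts:
                alerts[ip] = {"first_alert": ev["time"], "success_after": None}
        elif ev["event_id"] == 4624 and ip in alerts and alerts[ip]["success_after"] is None:
            alerts[ip]["success_after"] = ev["user"]
    for ip, alert in alerts.items():
        alert["users_tried"] = sorted(tried[ip])
    return alerts
```

An alert whose `success_after` is set deserves the fastest response: the account named there should be treated as compromised and checked against the privilege limits listed above.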

If you are diligent in your organizational cybersecurity practices, you should be able to conduct business as usual without having to worry about ransomware, SamSam or otherwise. If you are interested in knowing more about SamSam and how to stop it, contact the IT professionals at The Connection, Inc for more information at (732) 291-5938.

 
