The SamSam ransomware virus hit the Colorado Department of Transportation for the second time. In the first attack detected on February 21, 2018, over 2,000 computers running Windows and McAfee security software were taken offline after their files were encrypted. After approximately 20% of those systems had been restored, a variation of the original SamSam ransomware struck again, leaving all affected computers offline.
SamSam ransomware first showed up in early 2016 and was initially targeting healthcare systems. In one case, a healthcare organization paid $55,000 in ransom to get their files back. Unlike traditional ransomware, SamSam does not rely on malvertising or malicious email attachments. This ransomware appears to be distributed through unpatched servers and uses them to compromise additional machines that hackers use to identify key data systems to encrypt.
Relying on internal IT teams to ensure all machines are maintained and patched on a regular basis is a time-consuming, up-hill battle. Shifting the cyber-protection workload from internal IT teams to 3rd parties who specialize in cyber security is a more optimal solution.
Read More Cyber Security Blogs
Other posts that might interest you
A Victim of the Recent Petya Ransomware Virus
One of Brivo’s large international customers (who shall go nameless due to confidentiality) was a victim of the recent Petya Ransomware virus. The virus infected a large number of their Windows…
July 18, 2017
Log4j Security Update
On Friday, Dec. 10, 2021 the Apache Software Foundation disclosed a critical vulnerability (CVE-2021-44228) in its “Log4j” software. The disclosure has received extensive news coverage because of the ubiquity of…
December 13, 2021
Devil’s Ivy Update
In July 2017, cyber security researchers discovered a serious flaw, which they named “Devil’s Ivy”, that exists in nearly all cameras supporting the popular ONVIF specification. The flaw allows hackers…
August 8, 2017
