The SamSam ransomware virus hit the Colorado Department of Transportation for the second time. In the first attack detected on February 21, 2018, over 2,000 computers running Windows and McAfee security software were taken offline after their files were encrypted. After approximately 20% of those systems had been restored, a variation of the original SamSam ransomware struck again, leaving all affected computers offline.
SamSam ransomware first showed up in early 2016 and was initially targeting healthcare systems. In one case, a healthcare organization paid $55,000 in ransom to get their files back. Unlike traditional ransomware, SamSam does not rely on malvertising or malicious email attachments. This ransomware appears to be distributed through unpatched servers and uses them to compromise additional machines that hackers use to identify key data systems to encrypt.
Relying on internal IT teams to ensure all machines are maintained and patched on a regular basis is a time-consuming, up-hill battle. Shifting the cyber-protection workload from internal IT teams to 3rd parties who specialize in cyber security is a more optimal solution.
Read More Cyber Security Blogs
Other posts that might interest you
145,000 DVRs Compromised
Several articles, including one by the Wall Street Journal, have recently reported that approximately 145,000 hacked DVRs and cameras were used to create some of the largest denial of service…
September 30, 2016
Are You Afraid of Your DVR?
You should be if it's connected to the internet. It could be the doorway for hackers to access your entire network. Once a DVR is compromised, it can be used…
October 31, 2016
DDOS Cyber Attacks Update
Last week hackers forced Brian Krebs to take down his security journalism site because of a large scale Denial of Service Attack - likely one of the largest ever seen.…
September 29, 2016
