The SamSam ransomware virus hit the Colorado Department of Transportation for the second time. In the first attack detected on February 21, 2018, over 2,000 computers running Windows and McAfee security software were taken offline after their files were encrypted. After approximately 20% of those systems had been restored, a variation of the original SamSam ransomware struck again, leaving all affected computers offline.
SamSam ransomware first showed up in early 2016 and was initially targeting healthcare systems. In one case, a healthcare organization paid $55,000 in ransom to get their files back. Unlike traditional ransomware, SamSam does not rely on malvertising or malicious email attachments. This ransomware appears to be distributed through unpatched servers and uses them to compromise additional machines that hackers use to identify key data systems to encrypt.
Relying on internal IT teams to ensure all machines are maintained and patched on a regular basis is a time-consuming, up-hill battle. Shifting the cyber-protection workload from internal IT teams to 3rd parties who specialize in cyber security is a more optimal solution.
Read More Cyber Security Blogs
Other posts that might interest you
Cloudflare Security Bug
Eagle Eye Networks does not use Cloudflare - a website performance enhancement service. There was a relatively severe security issue detected by Tavis Ormandy at Project Zero in the Cloudflare…
February 27, 2017
Log4j Security Update
On Friday, Dec. 10, 2021 the Apache Software Foundation disclosed a critical vulnerability (CVE-2021-44228) in its “Log4j” software. The disclosure has received extensive news coverage because of the ubiquity of…
December 13, 2021
IoT Company Vows Recall
Brian Krebs who is one of the best reporters on security out there has this great article about a recall on devices that incorporate Chinese technology. He details how in…
October 18, 2016
