Strata Information Technology Blog

SamSam Is More than a Computer Virus

I think by now most people understand just how dangerous ransomware is, even with some of the ridiculous names strains have, like GandCrab, Jigsaw, and WannaCry. Hell, two strains even have names from the James Bond canon: LeChiffre and GoldenEye. But one funny-named strain of ransomware, SamSam, has been devastating information systems for some time, and has caught the eye of several U.S. law enforcement agencies.

The Federal Bureau of Investigation and the Department of Homeland Security have issued alerts for SamSam, also known as MSIL/Samas.A. Issued on December 3, 2018, the alert suggests that there is an ongoing attack in progress that is targeting critical infrastructure. This is after the masterminds behind the attacks, Faramarz Shahi Savandi and Mohammed Mahdi Shah Mansouri, were indicted by a federal grand jury in New Jersey for their role in the SamSam attacks that affected the Colorado Department of Transportation in February of 2018.

The two men, who are Iranian nationals, are known to have perpetrated dozens of attacks. Some of the most notable are the hijacking of 3,800 municipal computers in Atlanta in March of 2018, an attack on the Port of San Diego in September, and over 2,000 other attacks. In all, the pair are known to have extorted more than $6 million in cryptocurrency payments over that time.

What is SamSam?
The developers behind the SamSam ransomware have a strategy: they target specific industries and companies. SamSam isn’t one of those readily available ransomware strains that anyone can find and use. It is engineered for a purpose and is altered as tools are developed to defeat it, making it one of the most dangerous threats ever developed. What’s more, the indictments of these individuals are likely fruitless, as the United States holds no extradition agreement with the Islamic Republic of Iran. This means that it’s very unlikely these men, seen as criminals in the West, will even be apprehended in their home country.

What Can You Do?
Unfortunately, there isn’t much you can do if your organization is targeted by SamSam hackers other than continue to diligently prioritize best security practices. If your practices protect you against all other malware, keep doing what you are doing. The SamSam ransomware is typically deployed as an executable attachment or via a brute-force attack against a computer’s Remote Desktop Protocol (RDP) service. So, while you can lock down your RDP, you need to have a dedicated strategy that:

  • Doesn’t allow unauthorized users to have administrative privileges
  • Limits use of Domain Access accounts to administration tasks
  • Doesn’t provide service accounts for important services
  • Restricts access to critical systems
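
A detection sketch for the RDP brute-force vector described above, added here as an example and not part of the original post: it counts failed logons per source IP in a sliding window and notes whether a successful logon follows. The record layout, sample data, threshold and window are assumptions constructed for illustration.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Windows Security event IDs: 4625 = failed logon, 4624 = successful logon.
# LogonType 10 = RemoteInteractive (RDP). With Network Level Authentication,
# failed RDP attempts are logged as type 3 (network), which also covers other
# network logons, so treat type 3 hits as candidates to triage.
RDP_LOGON_TYPES = {3, 10}

def _ev(time, eid, ltype, ip, user):
    return {"time": time, "id": eid, "type": ltype, "ip": ip, "user": user}

# Constructed sample records (not real logs); the field layout is an assumption.
SAMPLE_EVENTS = [
    _ev(f"2019-01-01T02:00:{s:02d}", 4625, 3, "203.0.113.7", u)
    for s, u in zip(range(0, 60, 10),
                    ["admin", "administrator", "backup", "scanner", "admin", "helpdesk"])
] + [
    _ev("2019-01-01T02:01:30", 4624, 10, "203.0.113.7", "helpdesk"),
    _ev("2019-01-01T09:00:00", 4625, 10, "198.51.100.20", "jdoe"),
    _ev("2019-01-01T09:00:20", 4625, 10, "198.51.100.20", "jdoe"),
    _ev("2019-01-01T09:00:40", 4624, 10, "198.51.100.20", "jdoe"),
    _ev("2019-01-01T09:05:00", 4625, 2, "-", "jdoe"),  # console logon, ignored
]

def find_rdp_bruteforce(events, threshold=5, window=timedelta(minutes=10)):
    """Flag source IPs with >= threshold failed logons inside the window and
    record the first account that logs on successfully from that IP afterwards."""
    recent = defaultdict(deque)   # ip -> timestamps of failures inside the window
    tried = defaultdict(set)      # ip -> account names seen in failures
    findings = {}
    for ev in sorted(events, key=lambda e: e["time"]):
        if ev["type"] not in RDP_LOGON_TYPES:
            continue
        ts, ip = datetime.fromisoformat(ev["time"]), ev["ip"]
        if ev["id"] == 4625:
            tried[ip].add(ev["user"])
            q = recent[ip]
            q.append(ts)
            while ts - q[0] > window:
                q.popleft()
            if len(q) >= threshold and ip not in findings:
                findings[ip] = {"ip": ip, "alert_time": ts,
                                "users_tried": tried[ip], "success_after": None}
        elif ev["id"] == 4624 and ip in findings:
            if findings[ip]["success_after"] is None:
                findings[ip]["success_after"] = ev["user"]
    return list(findings.values())
```

A finding whose `success_after` is set is the case to escalate first: repeated failures from one address followed by a working logon from that same address.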

If you are interested in knowing more about SamSam and how to stop it, contact Strata Information Technology today at 888.678.7282.
