
Suffolk Computer Consultants Blog

SamSam Is More than a Computer Virus


I think by now most people understand just how dangerous ransomware is, even with some of the ridiculous names the strains have, like GandCrab, Jigsaw, and WannaCry. Hell, two strains even have names from the James Bond canon: LeChiffre and GoldenEye. But one funny-named strain of ransomware, SamSam, has been devastating information systems for some time and has caught the eye of several U.S. law enforcement agencies.

The Federal Bureau of Investigation and the Department of Homeland Security have issued alerts for SamSam, also known as MSIL/Samas.A. Issued on December 3, 2018, the alert suggests that an attack targeting critical infrastructure is in progress. This comes after the masterminds behind the attacks, Faramarz Shahi Savandi and Mohammed Mahdi Shah Mansouri, were indicted by a federal grand jury in New Jersey for their role in the SamSam attacks that affected the Colorado Department of Transportation in February of 2018.

The two men, who are Iranian nationals, are known to have perpetrated dozens of attacks. Some of the most notable are the hijacking of 3,800 municipal computers in Atlanta in March of 2018, an attack on the Port of San Diego in September, and over 2,000 other attacks. In all, the pair are known to have extorted more than $6 million in cryptocurrency payments over that time.

What is SamSam?
The developers behind the SamSam ransomware have a strategy: they target specific industries and companies. SamSam isn’t one of those readily available ransomware strains that anyone can find and use. This one is engineered for a purpose and is altered as tools are developed to defeat it, making it one of the most dangerous threats ever developed. What’s more, the indictments of these individuals are likely fruitless, as the United States holds no extradition agreement with the Islamic Republic of Iran. This means that it’s very unlikely these men, seen as criminals in the West, will even be apprehended in their home country.

What Can You Do?
Unfortunately, there isn’t much you can do if your organization is targeted by SamSam hackers other than continuing to diligently prioritize best security practices. If your practices protect you against all other malware, keep doing what you are doing. The SamSam ransomware is typically deployed as an executable attachment or via a brute-force attack on a computer’s Remote Desktop Protocol (RDP). So, while you can lock down your RDP, you need to have a dedicated strategy that:

  • Doesn’t allow unauthorized users to have administrative privileges
  • Limits use of Domain Access accounts to administration tasks
  • Doesn’t provide service accounts for important services
  • Restricts access to critical systems
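
The RDP brute-force route mentioned above shows up in the Windows Security log as a burst of failed logons from one source, sometimes followed by a success. As an added example (not part of the original post), this Python code flags that pattern; the record layout, the threshold and window values, and the sample events are assumptions constructed for illustration.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Windows Security log: 4625 = failed logon, 4624 = successful logon.
# Logon type 10 is RemoteInteractive (RDP); with Network Level Authentication
# enabled, RDP attempts are recorded as type 3 (network) instead.
RDP_LOGON_TYPES = {3, 10}

# Constructed sample records: (time, event ID, logon type, source IP, account)
SAMPLE_EVENTS = [
    ("2019-01-15T02:00:01", 4625, 3, "203.0.113.7", "administrator"),
    ("2019-01-15T02:00:05", 4625, 3, "203.0.113.7", "admin"),
    ("2019-01-15T02:00:09", 4625, 3, "203.0.113.7", "backup"),
    ("2019-01-15T02:00:14", 4625, 3, "203.0.113.7", "backup"),
    ("2019-01-15T02:00:20", 4625, 3, "203.0.113.7", "backup"),
    ("2019-01-15T02:00:31", 4624, 10, "203.0.113.7", "backup"),
    ("2019-01-15T08:59:10", 4625, 10, "198.51.100.20", "jsmith"),
    ("2019-01-15T08:59:25", 4625, 10, "198.51.100.20", "jsmith"),
    ("2019-01-15T08:59:40", 4624, 10, "198.51.100.20", "jsmith"),
    ("2019-01-15T09:05:00", 4625, 2, "-", "jsmith"),  # console logon, ignored
]

def detect_rdp_bruteforce(events, threshold=5, window=timedelta(minutes=1)):
    """Flag sources with `threshold` failed remote logons inside `window`,
    and note whether a successful logon from the same source followed."""
    recent = defaultdict(deque)  # source -> timestamps of failures in window
    tried = defaultdict(set)     # source -> accounts seen in failures
    findings = {}
    for ts, event_id, logon_type, src, account in sorted(events):
        if logon_type not in RDP_LOGON_TYPES:
            continue
        when = datetime.fromisoformat(ts)
        if event_id == 4625:
            tried[src].add(account)
            q = recent[src]
            q.append(when)
            while when - q[0] > window:  # drop failures older than the window
                q.popleft()
            if len(q) >= threshold and src not in findings:
                findings[src] = {"source": src, "alert_at": ts,
                                 "accounts": tried[src], "success_as": None}
        elif event_id == 4624 and src in findings:
            if findings[src]["success_as"] is None:
                findings[src]["success_as"] = account
    return list(findings.values())

if __name__ == "__main__":
    for finding in detect_rdp_bruteforce(SAMPLE_EVENTS):
        print(finding)
```

A finding whose `success_as` field is filled in is the one to act on first: the guessing stopped because a password worked, and the account it names shows how much access was gained.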

If you are interested in knowing more about SamSam and how to stop it, contact Suffolk Computer Consultants today at 631-905-9617.
