
Suffolk Computer Consultants Blog

SamSam Is More than a Computer Virus

I think by now most people understand just how dangerous ransomware is, even with some of the ridiculous names strains have, like GandCrab, Jigsaw, and WannaCry. Hell, two strains even have names from the James Bond canon: LeChiffre and GoldenEye. But one funny-named strain of ransomware, SamSam, has been devastating information systems for some time and has caught the eye of several U.S. law enforcement agencies.

The Federal Bureau of Investigation and the Department of Homeland Security have issued alerts for SamSam, also known as MSIL/Samas.A. Issued on December 3, 2018, the alert suggests that an attack targeting critical infrastructure is in progress. This comes after the masterminds behind the attacks, Faramarz Shahi Savandi and Mohammad Mehdi Shah Mansouri, were indicted by a federal grand jury in New Jersey for their role in the SamSam attacks that affected the Colorado Department of Transportation in February of 2018.

The two men, who are Iranian nationals, are known to have perpetrated dozens of attacks. Some of the most notable are the hijacking of 3,800 municipal computers in Atlanta in March of 2018, an attack on the Port of San Diego in September, and over 2,000 other attacks. In all, the pair are known to have extorted more than $6 million in cryptocurrency payments over that time.

What is SamSam?
The developers behind the SamSam ransomware have a strategy: they target specific industries and companies. SamSam isn’t one of those readily available ransomware strains that anyone can find and use. This one is engineered for a purpose and is altered as tools are developed to defeat it, making it one of the most dangerous threats ever developed. What’s more, the indictments of these individuals are likely fruitless, as the United States holds no extradition agreement with the Islamic Republic of Iran. This means that it’s very unlikely these men, seen as criminals in the West, will even be apprehended in their home country.

What Can You Do?
Unfortunately, there isn’t much you can do if your organization is targeted by SamSam hackers other than continue to diligently prioritize best security practices. If your practices protect you against all other malware, keep doing what you are doing. The SamSam ransomware is typically deployed as an executable attachment or via a brute-force attack on a computer’s Remote Desktop Protocol (RDP) service. So, while you can lock down your RDP, you need to have a dedicated strategy that:

  • Doesn’t allow unauthorized users to have administrative privileges
  • Limits use of Domain Access accounts to administration tasks
  • Doesn’t provide service accounts for important services
  • Restricts access to critical systems
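To spot the RDP brute-force activity described above, the sketch below (an added example, not from the original post) counts failed logons per source address in a sliding window and notes whether a successful logon followed. The record field names, threshold, window and sample events are assumptions constructed for illustration.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample records shaped like fields from the Windows Security log.
# 4625 = failed logon, 4624 = successful logon. LogonType 10 is RDP
# (RemoteInteractive); with NLA enabled, failed RDP logons often log as type 3.
T0 = datetime(2019, 1, 1, 3, 0, 0)
USERS = ["administrator", "admin", "backup", "svc_sql"]

def make_event(offset_s, event_id, logon_type, src_ip, account):
    return {"time": T0 + timedelta(seconds=offset_s), "event_id": event_id,
            "logon_type": logon_type, "src_ip": src_ip, "account": account}

SAMPLE_EVENTS = (
    [make_event(5 * i, 4625, 3, "203.0.113.50", USERS[i % 4]) for i in range(12)]
    + [make_event(65, 4624, 10, "203.0.113.50", "svc_sql"),  # success after burst
       make_event(10, 4625, 10, "198.51.100.7", "jdoe"),     # one ordinary typo
       make_event(40, 4624, 10, "198.51.100.7", "jdoe")]
)

RDP_LOGON_TYPES = {3, 10}

def find_rdp_bruteforce(events, threshold=10, window=timedelta(minutes=5)):
    """Flag source IPs with >= threshold failed logons inside a sliding window,
    and note whether a successful logon from the same IP followed."""
    recent = defaultdict(deque)   # src_ip -> (time, account) of recent failures
    findings = {}
    for ev in sorted(events, key=lambda e: e["time"]):
        if ev["logon_type"] not in RDP_LOGON_TYPES:
            continue
        ip = ev["src_ip"]
        if ev["event_id"] == 4625:
            q = recent[ip]
            q.append((ev["time"], ev["account"]))
            while ev["time"] - q[0][0] > window:   # drop failures outside window
                q.popleft()
            if len(q) >= threshold:
                f = findings.setdefault(
                    ip, {"failures": 0, "accounts": set(), "success_after": False})
                f["failures"] = max(f["failures"], len(q))
                f["accounts"] |= {acct for _, acct in q}
        elif ev["event_id"] == 4624 and ip in findings:
            findings[ip]["success_after"] = True   # treat as likely compromise
    return findings

if __name__ == "__main__":
    for ip, f in find_rdp_bruteforce(SAMPLE_EVENTS).items():
        print(ip, f["failures"], sorted(f["accounts"]), f["success_after"])
```

A source that is flagged with a successful logon afterwards deserves immediate attention, especially when the account involved holds administrative rights.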

If you are interested in knowing more about SamSam and how to stop it, contact Suffolk Computer Consultants today at 631-905-9617.

Thursday, January 24 2019