SamSam Ransomware Attacks continues to Impact Hospitals, Big Organizations and ICS Firms
Unfortunately, there is no stopping for SamSam ransomware terrors as it continues to attack huge Businesses and Organizations. Late in December 2017 and the start of 2018 has been a good period for the authors of the prevailing ransomware. According to the reports, the major attacks of SamSam ransomware in recent times were:
- Hancock Health Hospital in of Greenfield, Indiana;
- Adams Memorial Hospital in Decatur, Indiana;
- The municipality of Farmington, New Mexico;
- Allscripts that is a provider of cloud-based EHR (electronic health records);
- And an ICS (Industrial Control Systems) company in the US.
However, the Hancock Health officials had already confirmed that they opted to pay the ransom of Ransom of $55K in Bitions despite having backups. While others way for coping up with the effect is still unknown.
Active SamSam ransomware campaign
The SamSam ransomware was used in targeted attacks that scans the Internet to find computers with open RDP connections. It breaches the whole network connection through attacking these RDP endpoints and further spreads to more computer systems. In successfully entering to a huge network, it encrypts the important files and displays a ransom message with the phrase “sorry for files.” A a screenshot of this ransom note as released by The Farmington municipality.
However, the extension may vary but many of the infections reported with .weapologize extension. The payment demanded to unlock the files also varies and should be in the form of Bitcoins. It provides the Bitcoin wallet address for the victim to pay the ransom. The authors of SamSam ransomware had already holds 26 Bitcoin which worth $300,000. The ransomware is still prevailing and targeting open remote RDP connections. So the companies and businesses are advised to secure their networks with strong and unique passwords. This can avoid the breach of the deadly ransomware like SamSam ransomware onto your systems.