One of the most prominent forms of ransomware in 2018 has been the SamSam ransomware. Most of the attacks have been in the United States, but some have surfaced in Europe, especially Portugal. This ransomware, like all cyber attacks, has changed from earlier malware attacks. Instead of focusing on individuals via email, this ransomware has targeted larger organizations. The cyber attack on the computer systems of the government of the city of Atlanta is believed to have been caused by SamSam. The clean up from that attack is believed to have cost the city 10 million dollars. Healthcare and government are prime targets of this ransomware, although it can appear in any organization.

While most ransomware infiltrates through spam emails, SamSam targets an organization by gaining access to the organization’s network and mapping out the network then encrypting as many computers as possible. This is done stealthily over a period of a few days. Sometimes, even backups are encrypted, which could cause permanent loss of data.

What are steps to take to prevent SamSam and other ransomware?

  • Backup – the use of a good backup cannot be stressed enough. It is KEY in addition to a strong security strategy.
  • Default passwords along with two-factor authentication are also strongly advised.
  • If possible, create backups that are offline and offsite.
  • Work closely with your technology experts to ensure you have all of your bases covered.

 

Hacking Scam – Not a Ransomware

On the flip side, there is an email scam surfacing that states “Hacking Alert – Your account has been hacked,” and demands ransom. The scam sends an email that looks like it is from your account that might even show your password. It states that your account has been hacked by a spyware developer. It also claims that it has been following you and has seen all of your activity and knows everything you do online. Even stranger, it claims to have access to your camera on your device and has been taking pictures of you. It claims that it has seen you visiting “adult content” sites and demands ransom or it will unleash this information. DO NOT PAY. This is a scam. The scammer does not have access to your account or computer. It is sent by a 3rd party email spoofing service and makes it look like it is coming from your account. The best thing to do is to ignore and change your password.

Stay cyber safe in the new year!