7 things to know about SamSam, the ransomware hitting hospitals, city governments & businesses

Healthcare professionals should be particularly concerned following a wave of cyberattacks involving SamSam, a ransomware variant used extensively in attacks on healthcare providers, according to BleepingComputer.

Indiana-based hospitals, EHR vendor Allscripts and municipalities like Farmington, N.M., coped with ransomware last week as their organizations' computer systems became infected with SamSam or a variant of it.

Here are seven things to know.

1. In three incidents, victims said the ransomware locked files and displayed a message with the word "sorry."

2. BleepingComputer reports there have been 17 submissions of SamSam-related files just this month to the ID-Ransomware service.

3. Each infection of SamSam looks different because it is a custom strain that hackers use in targeted attacks.

4. While some ransomware tricks users into clicking on infected files to gain entrance, SamSam targets servers instead, according to Security Affairs. Hackers scan the internet for computers with open remote desktop software connections to break into networks by forcing the RDP endpoints to spread to other computers.

5. Contrasting some reports, CSO Online noted that Allscripts said that the ransomware appeared to be a "commodity malware and that the company wasn’t directly targeted." It is not yet clear how many Allscripts clients have been affected, but some clients were still offline Sunday and the company said outages were possible through Monday.

6. Hancock Health in Greenfield, Ind., is the only organization to admit paying ransom, to unlock the files. The hospital paid 4 bitcoins, or the equivalent of about $55,000, at the time. No other organization has commented on whether they've paid the ransom.

7. The bitcoin wallet address used in Farmington, N.M.'s ransom note received its first transaction Dec. 25. The account currently holds 26 bitcoins, equating to about $300,000, according to BleepingComputer.

More articles on cybersecurity:

BCBS of Arizona collaborates with American Well to expand telehealth services: 3 things to know

Survey: Hospital CIOs weigh in on most promising, overhyped IT trends

Google CEO: AI could become 'more profound than electricity or fire'

 

Copyright © 2024 Becker's Healthcare. All Rights Reserved. Privacy Policy. Cookie Policy. Linking and Reprinting Policy.

 

Featured Whitepapers

Featured Webinars