50 F
Washington D.C.
Saturday, March 2, 2024

SamSam Teaches Hard Lessons about the Cost of Security Unpreparedness

On March 22, 2018, computer outages began to spread throughout critical systems operated by the city of Atlanta. The city’s information security team responded swiftly to the incident, which had the tell-tale signs of a ransomware attack. The municipality not only shut out employees from their systems but also took the precaution of shutting down many city services.

Atlanta was the highest-profile victim of SamSam, a ransomware operation that has infected scores of organizations. Since SamSam’s arrival on the scene, it’s believed to have infected more than 200 other businesses and groups, including hospitals, local governments, and healthcare firms. Last fall, Symantec estimated that the SamSam hacking group has launched attacks not just in the U.S but also in France, Portugal, Ireland, Israel and Australia. It’s also proven lucrative for the perpetrators – by one estimate netting some $7 million in revenue for the cyber criminals over the last three years.

But if we examine SamSam within a larger perspective, we can view it more generally as another demonstration of the increasing propensity of cyber criminals to shift tactics to find vulnerabilities. In many cases, organizations were targeted by scanning networks searching for unguarded points of entry. The operators would then reconnoiter a victim’s infrastructure before broadly infecting any systems. Like many other operations, the ransomware attacks use system tools to carry out the initial reconnaissance, which helps attackers avoid triggering defenses that are focused on detecting malware.

Read more at Symantec

Homeland Security Today
Homeland Security Todayhttp://www.hstoday.us
The Government Technology & Services Coalition's Homeland Security Today (HSToday) is the premier news and information resource for the homeland security community, dedicated to elevating the discussions and insights that can support a safe and secure nation. A non-profit magazine and media platform, HSToday provides readers with the whole story, placing facts and comments in context to inform debate and drive realistic solutions to some of the nation’s most vexing security challenges.

Related Articles

Latest Articles