SamSam Ransomware Extorted Around $6 Million, Indians Among Victims Too

Since it first appeared in December 2015, the SamSam ransomware has raked in almost $6 million by targeting people around the world including India, says a new report from global cybersecurity major Sophos.

While most of known victims of the ransomware (74 per cent) are based in the US, they are spread across several regions, including Britain (8 per cent), Belgium (6 per cent), Canada (5 per cent), Australia (2 percent) and Denmark, the Netherlands, Estonia, the Middle East and India (1 per cent each), the report said.

“This is an attack pattern we’re likely to see an increase in India and it is time for Indian business and individuals to synchronise their cybersecurity posture to defend against such attacks,” Peter Mackenzie, Global Malware Escalations Manager at Sophos, said in a statement on Wednesday.

“The attack method is surprisingly manual and more cat burglar than smash-and-grab. As a result, the attacker can employ countermeasures to evade security tools and if interrupted can delete all trace of itself immediately, to hinder investigation,” Mackenzie added.

Unlike most ransomware, SamSam is a thorough encryption tool, rendering not only work data files unusable but any programme that is not essential to the operation of a Windows computer, most of which are not routinely backed up, according to the Sophos whitepaper titled “SamSam: The (Almost) Six Million Dollar Ransomware”.

If the process of encrypting data is interrupted, the malware is capable of comprehensively erasing all trace of itself immediately, hindering any investigation. Furthermore, recovery from the attack may require reimaging and/or reinstalling software as well as restoring backups.

As a result, many victims were not able to recover sufficiently or quickly enough to ensure business continuity and had to pay the ransom, the report added. “Traditional endpoint security is no longer enough to protect against today’s evolving ransomware threats,” Mackenzie added.



from Beebom https://ift.tt/2Oy4YCF
Share on Google Plus

About Unknown

This is a short description in the author block about the author. You edit it by entering text in the "Biographical Info" field in the user admin panel.

0 coment�rios:

Post a Comment