Server Software Targeted by SamSam Ransomware Disrupts Business Operations
It's nearly every day that we discover a new ransomware threat that is poised and ready to pounce on computers through file encryption methods and money extortion schemes. The latest ransomware threat to make the news is one dubbed SamSam Ransomware in its ability to target and wreak havoc on servers running un-patched software.
The SamSam Ransomware threat has been on a destructive path by infecting organizations through vulnerable servers and potentially outdated server software. What has set SamSam apart from other ransomware threats is that it is intended to target servers, which naturally belong to businesses.
Symantec made the discovery of SamSam infiltrating servers that have unpatched server-side software utilizing a tool called Jexboss. Through the use of Jexboss, perpetrators armed with SamSam Ransomware are able to exploit servers running Red Hat's JBoss enterprise application. So far, the initiated attacks have been highly successful, which may lead to other ransomware perpetrators to shift their focus into targeting businesses instead of individuals.
Just think, if hospitals were attacked with ransomware threats that resulted in payment to the ransomware perpetrators in the amount of $17,000, other business might relish the same result if they want to get their ransomware-infected computers back online bad enough.
"Ransomware has proven to be a viable business model, so it should come as no surprise that the techniques used have shifted beyond malicious spam and drive-by downloads to those more closely resembling targeted attacks," Symantec wrote.
SamSam Ransomware has been the primary threat utilize in recent attacks on businesses, such as several hospitals in the California area and one that runs ten hospitals in the Washington D.C. area. Once a system is infected with SamSam, it then has its files encrypted and ultimately prevents the computer from being used for basic tasks. Fundamentally, a system or server infected with SamSam Ransomware will no longer serve proper use to a business, and the company may be required to shutter certain services.
Organizations would rather pay the ransom fine, even if it amounts to several tens of thousands of dollars than suffer a loss of revenue and services for days, weeks, or even months. So far, SamSam has resulted in a lucrative business for ransomware perpetrators.
In light of SamSam taking a high road and attacking businesses, it is prudent that companies take proactive measures to protect themselves by first alerting their staff to avoid opening spam messages with attachments. One of the primary methods for infecting a computer or server with ransomware is via malicious spam email attachments. Furthermore, an infected system connected to a business network could then cause issues for all of the computers connected to the same network.
The business of ransomware is no laughing matter as it has propagated to reach personal computers and company-owned servers throughout the world. We must be vigilant or suffer the dire consequences or massive loss of revenue.
Leave a Reply
Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter . If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.