Cyber-threats like ransomware are alive and well in 2018 and continue to wreak havoc on everyday users. However, ransomware isn't the only thing to worry about: social-engineering attacks through SMS, and a variety also known as vishing, are becoming more sophisticated over time. We take a look at some very serious cyber threats to be aware of, and what you can do to stay secure in the next year.

Ransomware Threat SamSam

Recently, Colorado's Department of Transportation (CDOT) was forced to shut down nearly 2,000 systems due to a SamSam ransomware infection. The attack was noticed by cyber security officials on February 22nd. The hackers were able to encrypt files and demanded that the ransom be paid in Bitcoin.

CDOT officials also noted that the SamSam ransomware infected only the department's Windows-based computers, even though they were protected by McAfee AV. However, state officials worked with their antivirus provider to ensure a patch was made to address intrusions by this specific type of ransomware in the future.

Luckily, because CDOT made use of data backups, the data loss it reported was minimal, which helped taxpayers avoid bearing the brunt of paying a ransom to the hackers. Further investigation found that the ransomware did not go so far as to infect any other critical systems such as cameras, alerts, or traffic-related technologies.

What is SamSam?

SamSam is a virus classified as ransomware, which encrypts the data on an infected device and demands a payment (typically in Bitcoin) within a certain time frame before the data is permanently lost. This particular ransomware was spread via RDP attacks a few years ago.

According to experts at Cyberheist, attackers break their way into large networks by brute-forcing RDP endpoints and spreading from there. Once they have enough infected computers across a network, the attackers deploy the SamSam ransomware and wait for the payment.
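The brute-forcing stage described above is visible in Windows logon events before any ransomware is deployed. The following is an added example, not part of the original article: a sliding-window detector run over constructed sample records, where the record layout, IP addresses, account names and thresholds are all assumptions.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Event IDs and logon types are Windows Security log values: 4625 = failed
# logon, 4624 = successful logon, type 10 = RemoteInteractive (RDP), type 3 =
# Network (how failed RDP logons are recorded when NLA is on; it also covers
# other network logons such as SMB, so treat hits as leads to triage).
RDP_LOGON_TYPES = {3, 10}

def _ev(time, event_id, logon_type, ip, user):
    return {"time": time, "event_id": event_id, "logon_type": logon_type,
            "ip": ip, "user": user}

# Constructed sample data (documentation IP ranges, made-up account names).
SAMPLE_EVENTS = (
    [_ev(f"2018-01-15T03:00:{s:02d}", 4625, 3, "203.0.113.7", u)
     for s, u in enumerate(["admin", "administrator", "backup",
                            "scanner", "admin", "sqlsvc"])]
    + [_ev("2018-01-15T03:01:10", 4624, 10, "203.0.113.7", "backup"),
       _ev("2018-01-15T09:00:00", 4625, 10, "198.51.100.20", "jsmith"),
       _ev("2018-01-15T09:30:00", 4625, 10, "198.51.100.20", "jsmith"),
       _ev("2018-01-15T09:31:00", 4624, 10, "198.51.100.20", "jsmith")]
)

def detect_rdp_bruteforce(events, threshold=5, window=timedelta(minutes=5)):
    """Flag source IPs with >= threshold failed logons inside a sliding window,
    and note whether a successful logon from the same IP followed."""
    recent = defaultdict(deque)   # ip -> failure timestamps still in window
    users = defaultdict(set)      # ip -> account names tried
    flagged = {}
    timed = sorted(((datetime.fromisoformat(e["time"]), e) for e in events),
                   key=lambda pair: pair[0])
    for ts, ev in timed:
        if ev["logon_type"] not in RDP_LOGON_TYPES:
            continue
        ip = ev["ip"]
        if ev["event_id"] == 4625:
            users[ip].add(ev["user"])
            q = recent[ip]
            q.append(ts)
            while ts - q[0] > window:      # drop failures older than window
                q.popleft()
            if len(q) >= threshold:
                hit = flagged.setdefault(ip, {"peak_failures": 0,
                                              "success_after": False})
                hit["peak_failures"] = max(hit["peak_failures"], len(q))
        elif ev["event_id"] == 4624 and ip in flagged:
            flagged[ip]["success_after"] = True   # likely guessed password
    return {ip: {**hit, "users": users[ip]} for ip, hit in flagged.items()}

if __name__ == "__main__":
    for ip, hit in detect_rdp_bruteforce(SAMPLE_EVENTS).items():
        print(ip, hit)
```

A source that is flagged and then logs on successfully is the case to escalate first, since it suggests a password was guessed and the account should be reset and the host reviewed.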

Best Method of Defending Yourself

We recommend setting strong RDP security settings, as well as disabling access to shared folders and clipboards from remote locations in the RDP connection window.

We also recommend that you keep a running backup of all data you deem important. As noted above, the Colorado DOT was able to save itself by restoring from a previous backup. Keeping a backup that you have saved and secured yourself is the best way to keep your data intact.

 

We take cyber threats seriously, and are always looking out for the latest threats and attack vectors.  Check our blog for more news on cyber security and technology.