In a recent alert issued by the US Department of Health and Human Service (HHS), SamSam ransomware attack has targeted eight different government and healthcare entities this year. The alert is quite an eye opener for the cyber security world regarding the inexhaustible viability of the SamSam ransomware.
Along with the alert, HHS has also issued an advisory for healthcare sector for the prevention of such attacks. However, the stated measures are of very basic in nature and don’t ensure a comprehensive protection against ransomware attacks.
In addition, the department has also warned healthcare organizations that SamSam attacks will continue to target them. Healthcare sector is a favorite target of ransomware operators because of their overreliance on digital systems. Critical patient data is now also stored digitally and locking it down is indeed an attractive prospect for cybercriminals.
They also advise healthcare enterprises to focus on making and updating data backups and devise effective contingency and continuity plans to successfully hold out ransomware attacks. It includes strategies to effectively start ransomware decrypt and removal from the network right after the attack.
SamSam is not Slowing Down
SamSam was considered as the most notorious cyber threat of 2016. Afterwards, we saw a gradual decease in its activity. But at the end of 2017, we have seen 10 major attacks of SamSam in US, Canada and other countries in just the span of one month. Start of the New Year is also not so much different. In January, Allscripts, a company deals in healthcare management systems, sustained a major SamSam attack resulted in the lock down of electronic health registers of many of its clients for two weeks.
Apart from that, two hospitals in Indiana were also targeted by SamSam this year. One of the targeted hospitals, Hancock Health, paid the attackers for ransomware decrypt to get back their patients’ record and data. Cyber security researchers also noted that recent SamSam attacks on healthcare facilities exploited the same system vulnerabilities which made WannaCry and NotPetya epidemics successful.
