India amongst the top 10 countries susceptible to SAMSAM Ransomware: Sophos
Sophos has released an in-depth investigative white paper on the SamSam ransomware attacks that first appeared in December 2015. Titled “SamSam: The (Almost) Six Million Dollar Ransomware”, this white paper aims to provide a comprehensive understanding of this unique ransomware attack by summarizing key findings about attacker’s tools, techniques, and protocols.
SamSam is a thorough encryption tool, rendering not only work data files unusable but any program that is not essential to the operation of a Windows computer, most of which are not routinely backed up. SamSam’s attacking method unique as it is manual and as a result, attackers can employ countermeasures (if needed) to evade many security tools. If the process of encrypting data is interrupted, the malware is capable of comprehensively erasing all trace of itself immediately, hindering any investigation. Furthermore, recovery from the attack may require reimaging and/or reinstalling software as well as restoring backups. As a result, many victims were not able to recover sufficiently or quickly enough to ensure business continuity, and had to pay the ransom....Read More
Comments
Post a Comment