Ransomware attacks grew at an alarming rate last year. According to the FBI, victims paid nearly $1 billion in ransom in 2016.
Cybercriminals are not backing off from these types of attacks. In fact, they seem to be getting worse. A new variant is demanding an unbelievable ransom amount from its victims.
What’s the latest ransomware variant’s demands?
We’re talking about a ransomware variant dubbed SamSam. This attack is spreading rapidly and unfortunate victims are being asked to pay up to $33,000 in ransom to decrypt their files.
Criminals behind SamSam have been around for a while and have been gradually ramping up their ransom demands. The FBI has taken notice of this variant and released the following statement:
“MSIL or Samas (SamSam) was used to compromise the networks of multiple U.S. victims, including 2016 attacks on [health care] facilities that were running outdated versions of the JBoss content management application. SamSam exploits vulnerable Java-based [web] servers. SamSam uses open-source tools to identify and compile a list of hosts reporting to the victim’s active directory.
“The actors then use psexec exe to distribute the malware to each host on the network and encrypt most of the files on the system. The actors charge varying amounts in Bitcoin to provide the decryption keys to the victim.”
SamSam is similar to the frightening WannaCry attack that spread like wildfire earlier this year. It’s similar in that it spreads the same way. Once one machine is infected with the malware it searches every other machine connected to the network for vulnerabilities and infects those with the same flaws.
The ransom is based on the number of infected machines on a network. The criminals demand nearly $4,600 to decrypt one computer.
If more than one machine is infected the ransom is set at $16,400 to decrypt half of them and nearly $33,000 to decrypt them all. Yikes!
Since ransomware attacks are out of control, the FBI has gotten involved. It is warning victims that even if they pay the ransom, there is no guarantee they will get their files back.
Your best move is to be prepared for an attack ahead of time. Keep reading for suggestions.
How to defend against ransomware
With the ever-growing threat of ransomware, you need to take precautionary steps. Here are suggestions that will help:
- Back up data regularly – this is the best way to recover your critical data if your computer is infected with ransomware.
- Make sure your backups are secure – do not connect your backups to computers or networks that they are backing up.
- Do NOT enable macros – You should never download PDF, Word or Excel files attached to unsolicited emails to begin with. If you do open one of these documents and it says that you need to turn on macros, close the file and delete it immediately.
- Never open risky links in emails – don’t open attachments from unsolicited emails, it could be a phishing scam. Ransomware can infect your gadget through malicious links found in phishing emails. Can you spot one? Take our phishing IQ test to find out.
- Have strong security software – this will help prevent the installation of ransomware on your gadget.
Backing up your critical data is an important safety precaution in the fight against ransomware. It’s the best way to recover your files without paying a ransom.
We recommend using our sponsor IDrive. You can backup all your PCs, Macs and mobile devices into ONE account for one low cost! Go to IDrive.com and use promo code Kim to receive an exclusive offer.