SamSam uses configuration errors in companies’ IT to block their computer systems or networks. To release these, the companies have to pay a ransom, often in bitcoins.
Universities especially are victims
SamSam has operated for more than one-and-a-half years around the world and seems to have mostly affected schools, hospitals and universities, reports NOS (Dutch news service). The IT Department at TU Delft says that it is doing everything it can to keep the software and systems up-to-date so that ransomware such as SamSam cannot get a foothold in any vulnerable areas. “We are also working on improving the spam filter and on security measures in the email environment to avoid inadvertently introducing vulnerabilities,” says IT communications advisor, Annelien Wehrmeijer. “Nevertheless, on top of these technical measures, we are asking everyone to remain alert to suspicious emails.”
Tips to avoid installing ransomware:
- Back-up! Back-up! Back-up!
- Make sure that the back-up is in a secure location and is not connected to your computer when not in use.
- Use good anti-virus software to protect your system from ransomware.
- Make sure that all software on your computer is up-to-date. Whenever new versions of your operating system or software are issued, install them immediately.
- Be watchful for phishing. Malware is often installed through phishing. Read Delta’s previous tips on avoiding phishing.
- If you come across a suspicious or unfamiliar process on your computer, disconnect from the internet or other network connection (such as working on the network through WiFi at home) immediately. This avoids spreading the infection.
- Watch the film below to see how a ransomware attack is done.