Symantec Threat Intelligence: SamSam Ransomware Targets Government & Healthcare Organisations
Today, Symantec released new research
on SamSam, the ransomware group believed to be behind the infamous attack on the city of Atlanta in March.
The research shows that SamSam is primarily targeting U.S. organisations, and has been observed targeting at least one organisation involved in
administering elections. With the upcoming U.S. midterm elections, the focus is naturally on cyber information operations and threats to voting
data integrity. However, unsuspected ransomware campaigns such as SamSam can be significantly disruptive to government
organisations and operations.
Symantec research also shows that healthcare organisations accounted for nearly a quarter of detected SamSam attacks in
2018. Why healthcare was a particular focus for the group remains unknown, but it is possible attackers believe healthcare
organisations are easier to infect or more likely to pay the ransom.
For more information on SamSam, check out Symantec’s blog post
. You can also find more information about election security such as, how to spot a Twitter bot and how to hack a voting