Fox-IT reported at the start of December that many Dutch companies had been hit in recent months by a new form of ransomware: SamSam. “Dozens of companies have been affected, but that is probably only the tip of the iceberg,” Chief Security Expert Frank Groenewegen of Fox-IT said to the ANP.
It is unclear how many companies in the Netherlands have been affected by the ransomware, or how they resolved the situation involving the hijacked files. Moreover, many organisations could well be infected without realising it. Most ransomware infections strike directly at their target, encrypting files and demanding ransom payments. SamSam takes a more sophisticated approach, however, lurking in the corporate network to sabotage backups and cause additional damage to systems before hijacking the files. “This is a new trend,” Groenewegen told the ANP. “They’re trying to maximise the chance that a victim will have no other options but to pay the ransom.”
Fox-IT: “Both SMEs and large companies were affected”
Sometimes the people who make the ransomware know exactly how much money a company has on its accounts. “That information is used to determine the amount of ransom demanded.” Ransom demands often start tens of thousands of euros and could go as high as several hundred thousand. The affected companies include both SMEs and larger organisations.
The ANP news report was picked up by countless new sites and relevant media
Frank GroenewegenChief Security Expert
- Publication date:December 2, 2018
- Source:ANP (Laurens Scholten)