SamSam ransomware attacks have resurged and the cybercriminals behind the campaign are now demanding more ransom from victims than ever before. Security experts recently spotted a new variant of SamSam ransomware. Although the new variant did not include too many updates, it came with changes to the ransom note.
In April, a hospital in New York was hit by the SamSam ransomware. The attack crippled systems to such an extent that it was a month before the hospital's IT systems were fully restored. The hackers demanded that the hospital pay $44,000 in ransom (£34,000), a demand the hospital refused to comply with, given that they reportedly had backups for some of its records.
"Whether to pay or not is a very individual thing said Thomas Quatroche, president and chief executive officer of Erie County Medical Center, Buffalo News reported. "If you have no backup, you have no choice."
"What's happening is a form of terrorism like an attack on critical infrastructure," Quatroche added. "It's a call to action to view cybersecurity the way we do law enforcement, to raise the profile of the issue."
According to security experts at Alien Vault found that the new variant of the SamSam ransomware was demanding higher ransoms from victims. The cybercriminals behind the campaign are now demanding 1.7 Bitcoin ($4,600) for a single machine and 12 Bitcoins ($32,800) for multiple infected systems.
"The most recent attacks appear to have been successful, at least from the attackers point of view. The Bitcoin address associated with this week's attacks has received $33,000," Alien Vault researchers said.
In 2016, the ransomware hit the major US hospital chain MedStar. However, in comparison to recent attacks, the hackers then demanded just a little over $12,000 in ransom. Although SamSam is not considered to be one of the more sophisticated ransomware variants out in the wild, its apparent success in raking in bitcoin ransoms led the FBI to issue out two separate alerts last year.
According to a report by Kaspersky, ransomware attacks in the past few years have evolved and are "becoming increasingly targeted" because "criminals consider targeted ransomware attacks against businesses potentially more profitable than mass attacks against private users."
Kaspersky also said that ransomware authors are now targeting "previously unreached countries, where users are not as well prepared for fighting ransomware, and where competition among criminals is not so high."