[HEALTHCARE] American hospitals and official sites attacked by SamSam ransomware

  Healthcare institutions have critical equipment poorly secured. Last May, the British NHS health system was one of the main victims of WannaCry ransomware. Thousands of consultations, examinations and surgical interventions had to be cancelled in more than 40 establishments due to the blocking of terminals. In March 2016, a hospital in Boulogne was targeted by three cyberattacks via the Locky virus, blocking access to approximately 10,000 files. In February 2018, a Californian hospital had to pay the equivalent of $17,000 in Bitcoin to regain access to its computer system.

Many institutions still operate with an obsolete IT environment, confirm McAfee specialists. In February 2018, a version of the SamSam ransomware would have targeted many American public infrastructures, as well as hospitals and ICS  companies, resulting in a blocking of all files and resources of the impacted networks. The method of the SamSam ransomware attackers would be to scan the Internet to detect computers with an open RDP connection and then force their way for accessing points in order to spread itself to other computers on the same network. Among the targeted hospitals, the American Hancock Health hospital admitted having paid a ransom of $55,000.