According to BBC News, two Iranian hackers who are known to operate within the SamSam ransomware group have been identified and indicted by the U.S. Department of Justice (DOJ).
This progress toward dismantling the SamSam hacking gang is the result of a collaborative effort by the United States DOJ, the United Kingdom’s National Crime Agency in tandem with West Yorkshire Police, the Royal Canadian Mounted Police, and the Calgary Police Service.
The suspects – Mohammad Mehdi Shah Mansouri and Faramarz Shahi Savandi – have been indicted on several counts, including conspiracy to commit fraud with a computer and conspiracy to commit wire fraud, among others.
Essentially, these attacks entail the hacker bludgeoning their way into a computer system using Remote Desktop Protocol (RDP) attacks. Once inside, they begin to spread out through the network to every machine they can access. After gaining entry to as many machines as possible, the hacker encrypts all of the information stored on these computers. This results in the owner being locked out of their own systems. It’s then that the hacker contacts the victim directly to demand a “fee” for unlocking their equipment. Usually the “fee” is a sum between $5,000 and $50,000.
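From the defender's side, the pattern described above (repeated RDP logon attempts, a success, then the same account appearing on more machines) is visible in Windows Security logs. The following is an added example, not taken from the article or from any investigation of this group: the log lines are constructed, and the threshold, time window and function names are assumptions chosen for illustration.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample events (not real logs): time, host, event ID, logon type, account, source IP.
# 4625 = failed logon, 4624 = successful logon; type 10 = RDP, type 3 = network (failed RDP with NLA).
SAMPLE = """\
2018-11-28T02:00:01,SRV-A,4625,3,admin,203.0.113.7
2018-11-28T02:00:11,SRV-A,4625,3,admin,203.0.113.7
2018-11-28T02:00:21,SRV-A,4625,3,admin,203.0.113.7
2018-11-28T02:00:31,SRV-A,4625,3,admin,203.0.113.7
2018-11-28T02:00:41,SRV-A,4625,3,admin,203.0.113.7
2018-11-28T02:01:10,SRV-A,4624,10,admin,203.0.113.7
2018-11-28T02:10:00,SRV-B,4624,10,admin,10.0.0.5
2018-11-28T02:14:30,SRV-C,4624,10,admin,10.0.0.5
2018-11-28T08:59:40,SRV-A,4625,3,alice,198.51.100.20
2018-11-28T09:00:05,SRV-A,4624,10,alice,198.51.100.20
"""

def parse(text):
    rows = (line.split(",") for line in text.strip().splitlines())
    return sorted((datetime.fromisoformat(t), h, int(e), int(l), a, s) for t, h, e, l, a, s in rows)

def find_bruteforce_logons(events, min_failures=5, window=timedelta(minutes=10)):
    """Successful remote logons preceded by >= min_failures failures from the same source."""
    failures = defaultdict(deque)  # (host, source IP) -> times of recent failed logons
    hits = []
    for ts, host, eid, ltype, account, src in events:
        if ltype not in (3, 10):
            continue
        recent = failures[(host, src)]
        while recent and ts - recent[0] > window:  # forget failures outside the window
            recent.popleft()
        if eid == 4625:
            recent.append(ts)
        elif eid == 4624 and len(recent) >= min_failures:
            hits.append((ts, host, account, src))
            recent.clear()
    return hits

def hosts_reached(events, account, since):
    """Other hosts the same account logged on to over RDP after the suspicious logon."""
    return sorted({host for ts, host, eid, ltype, acct, _ in events
                   if eid == 4624 and ltype == 10 and acct == account and ts > since})

if __name__ == "__main__":
    events = parse(SAMPLE)
    for ts, host, account, src in find_bruteforce_logons(events):
        print(f"{ts} {src} -> {host} as {account}; then on {hosts_reached(events, account, ts)}")
```

A single mistyped password followed by a success, like the constructed `alice` entries, stays below the threshold and is not flagged.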
This type of threat is particularly sinister when health care, and specifically patients' protected health information (PHI), is involved. Not only do the attackers have access to an entire database of personal identity information, but also to sensitive health data. If a health care institution is brought down by this sort of infiltration for any length of time, the results could be catastrophic.
Multiple victims in all sectors have been threatened by the group, up to and including entire cities and governmental institutions. Millions have already been paid out to the hacker gang in ransoms, while tens of millions more have been lost by businesses to downtime and to implementing measures to expunge the infiltration.
This occurrence further illustrates why potentially vulnerable establishments need to take extra care and steps to ensure that their networks are robust enough to repel digital threats. Adhering to HIPAA standards is essential, not just to maintain appropriate standards in handling PHI, but also as a way to strengthen cybersecurity practices to block attacks like those perpetrated by the SamSam ransomware group.
It’s hard to imagine a catastrophic infiltration of your systems until it happens. Then you’re left to pick up the pieces. Connect with HIPAAgps today to help prepare yourself, and your business, for the worst-case scenario, so you can avoid finding out what picking up those pieces feels like.