Although Ransomware has been on the rise for some time now, the hackers behind such Ransomware attacks are getting wiser to both proactive and reactive measures to ensure that machines are kept clean. Now we’re seeing a rise in pinpoint accurate attacks. Where before Ransomware would attempt a general infection of your system, with some prioritized targets, new Ransomware like SamSam target specific components of your machine. As they do, they can quickly and efficiently disable a machine and render machines useless in a timely fashion.

With this new strain of Ransomware comes a new way of handling Ransomware attacks, and there are ways we can implement stronger strategies and systems to ensure that our systems and data are protected.


The government, Health Care, and Educational Organizations are, particularly at risk.

As many computing experts will attest to, no two strains of Ransomware are the same. Different strains will target different systems, data, and industries; and SamSam is no different. This particularly efficient strain targets Government, Health Care, and Educational Organizations.

In 2018 alone SamSam has infected machines for healthcare organizations like Hancock Health and Adams Memorial Hospital. The city of Atlanta was hit particularly hard, and the Colorado Department of Transportation was infected, not once, but twice within the same month.

The truth is that organizations need reliable and effective data protection. We should mention that many users of our instant time machine software, RollBack Rx, reported that due to its continuous data protection they were able to prevent data loss; and avoid costly downtime and service disruptions.


SamSam Can Evade Most Anti-Virus Programs

Whether you use a computer at home or in a corporate environment, many users rely on an Anti-Virus solution to detect and prevent machines from infection. Anti-Virus tools are not always able to detect and respond to threats, and this is sadly the case with SamSam.

Due to this, it’s strongly recommended that organizations approach SamSam and other Ransomware with a multi-layered security approach. This includes having backups of your data and protecting your data with encryption and data protection. Luckily for RollBack Rx users, the program utilizes a HIPPA-compliant 256-AES encryption. Which coupled with a disk imager, provides 100% protection for the system and data.


SamSam Is Not Spread By Email; Making User Training Irrelevant

Many Ransomware tools are spread via email, meaning that with proper training of your End Users, you too can potentially avoid infection. While endpoint protection is always critical to ensuring that your machines stay protected, it’s going to be your only protection against SamSam, which is not spread by email, thus making user training irrelevant to stopping the spread of the ransomware.

This is why testing your Endpoint Protection and making sure that your Endpoint Security is as robust and effective as possible. There are a few ways you can improve your cybersecurity.


1) Employ a centralized patch management system which can detect and patch vulnerabilities. Enabling you to have better control over resolving potential vulnerabilities.

2) Adopt the principle of least privilege. Which means only giving employees, vendors, and/or contractors access to files, applications, or servers unless it’s a necessity for them to execute their jobs.

3) Regularly backup your data—and verify that your backups have been completed successfully


Maintain redundant copies of your backup—ideally at least three copies, with one of those copies offline

Luckily there are programs like our instant restore on reboot program, Reboot Restore Rx Pro, which can save your machines clean state and will restore to it frequently, thus removing any unwanted changes, including SamSam. It also allows for automated installation of Windows and Application Updates. Making patch management easier than it’s ever been!

RollBack Rx Pro and Drive Cloner Rx Pro are able to create backups of your system, thus allowing for our instant time machine to restore your system from an infection in a matter of seconds. Drive Cloner Rx is our bare metal recovery tool which can provide a complete system recovery from backup images or cloned drive. Offering 360° Protection with a full system backup with your RollBack Rx snapshots intact.

Feel free to contact our knowledgeable staff if you have any questions about protecting your machines from SamSam. It’s a small investment which will save your organization thousands of dollars.

Feel free to contact us anytime through our social media. We’re on Facebook, Twitter, Spiceworks, Youtube, and many other platforms! We’re available Monday to Friday, from 5 AM to 5 PM Pacific Standard Time (PST). Feel free to call us at 1-800-496-0148, Submit A Ticket, or you can always open a chat with us!

Leave a Reply