Skip to main content
close search
site logo
Dive Brief

Cisco: 'Self-propagating' ransomware on the horizon

Published April 12, 2016
By
Contributing Editor
Dollar Photo Club

Dive Brief:

  • A report released by Cisco Systems on Monday examined a new type of ransomware that can operate without human intervention.
  • The straincalled Samas or samsamis used to target large networks rather than one computer at a time.
  • Samas is believed to be responsible for the attack on the MedStar Health Inc. hospital chain. MedStar Health, one of the largest medical service providers in the U.S. capital region, was crippled by a virus March 28.

Dive Insight:

In late March, the FBI issued a confidential advisory asking businesses and IT security experts to help it track down Samas. The alert was the latest in a series of FBI advisories and warnings from security researchers about new ransomware tools and techniques, which have exploded over the last six months.

Self-propagating ransomware could be a nightmare for companies already dealing with these rising ransomware threats. Last November, Intel Corp.’s McAfee Labs predicted ransomware would grow significantly in 2016. Cybercriminals make an estimated 1,425% ROI for exploit kit and ransomware schemes, which gives them plenty of motivation to keep innovating.

"The age of self-propagating ransomware, or cryptoworms, is right around the corner," Cisco's report said.

Samas uses a JBoss application server vulnerability to gain access to a network. JBoss is used by some of the largest enterpises. Once hackers gain access, they can implant a tool to steal credentials, spread it throughout the system while leaving behind a rash of encrypted digital files. 

Recommended Reading

Filed Under: Security

Editors' picks

Company Announcements

View all | Post a press release
Welo Data Launches Innovative Model Assessment Suite, Advancing Multilingual Causal Reasoning …
From Welocalize, Inc.
December 17, 2024
Newgen Software Receives Guidewire PartnerConnect Technology Excellence Award
From Newgen
January 02, 2025

Want to share a company announcement with your peers?

Get started

Editors' picks
Latest in Security
Industry Dive is an Informa TechTarget business.
© 2025 TechTarget, Inc. or its subsidiaries. All rights reserved. | View our other publications | Privacy policy | Terms of use | Take down policy.
Cookie Preferences / Do Not Sell
This website is owned and operated by Informa TechTarget, part of a global network that informs, influences and connects the world's technology buyers and sellers. All copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. TechTarget, Inc.'s registered office is 275 Grove St. Newton, MA 02466.