Samsam ransomware attack on U.S. Hospitals threatens patient’s lives

Heartless hackers recently held 10 U.S. hospitals and the lives of sick people at ransom.

For $18,500 US, they endangered Washington and Baltimore patients by infecting key medical systems.

The hackers did this by targeting and infecting the hospital’s not-for-profit parent organization, MedStar, with a nasty new ransomware.

The ransomware—Samsam—requires no human interaction to activate. Unlike most ransomware, which targets humans, it targets servers instead.

According to MedStar spokesperson Ann Nickels, lives could have been lost if not for the quick thinking and preparedness of their IT staff.


When Samsam hit, MedStar’s IT department detected the intrusion. Immediately, they shut down most of their network operations.

It was only because they had backups on hand that they were able to restore three main clinical systems and protect the lives of their admitted patients.

Not only did the act protect the sick, it foiled the plans of the SAMSAM attackers, who were upstaged by the IT staff.

It’s not the first hospital to be attacked this year. Hackers have learned with a few lines of code they can freeze medical systems and delay patient treatment, holding lives at gunpoint.

With so much at stake, most hospitals hastily pay the ransomers. And afterwards, the hackers seem to be encouraged.

The Hollywood Presbyterian Medical Center in Los Angeles: another target of Ransomware.

Earlier this year, a Los Angeles hospital paid US $17,000 to ransomware attackers. Directly after, dozens of hospitals in California, Nevada and Kentucky were fresh victims of the ransomware attacks.

Just a week before the MedStar incident, the FBI sent out a flash warning about Samsam, but it did little to mute it. The only thing that did was a proper backup strategy.

It’s another example of why backups for organizations—both profit and not-for-profit—are not an option, but a necessity. Even the sick aren’t safe from ransomware.

These attacks come in the wake of criminal coders starting to offer ransomware-as-a-service, selling their software to would-be blackmailers.

The age of ransomware that started in 2013 with CryptoLocker seems to be getting worse before it gets better.

For any business or organization, big or small, we suggest using a reliable backup and recovery program like BackupAssist and implementing a proper backup strategy.

Share on email
Share on print
Share on facebook
Share on google
Share on twitter
Share on linkedin



Start your free 30-day trial today