LabCorp, a clinical testing company has been recently attacked by SamSam ransomware. This company is known as one of the best medical testing laboratory which was reported a suspicious activity on July 14th over their network and also forced to shut down some of their computers. Based on the recent research report published by the malware researchers, this vicious attack was started in the midnight of July 13th. After the attack of SamSam ransomware virus, cyber security analysts at LabCorp had taken immediate action.
Due to the immediate response of IT specialists at LabCorp, plenty of systems were protected to avoid any damages. However, SamSam ransomware still manages to encrypt thousands of systems and servers of LabCorp company. According to the company, when the recovery process has started, they have gained around 90% of operational activity. Malware analysts at LabCorp have revealed that the cyber extortionists responsible for this malicious attack used the brute force attack against the Remote Desktop Protocol of the company in order to infect the targeted machines with SamSam ransomware.
Technically speaking, the malware manages to attack only Windows operating system based computers. Depth-analysis on this SamSam ransomware attack disclosed that around 7,000 systems and 2,000 servers were infected by this precarious virus. Although, among the attacked 2,000 servers, there are 3.5 hundred are the production servers. After the attack of this malware, the company agrees to apply two-factor authentication and even limit the access to their Remote Desktop Protocol in the future to protect their systems and servers from any potential threats.
However, LabCorp is the second victim of SamSam ransomware because the malware had already infected the Hancock Health using RDP attacks which is considered as most common method used by the hackers for attacking organizations or small-businesses. What’s more, right after the attack of this ransomware on their systems and servers, the security analysts at LabCorp responded immediately and manages to stop the propagation of SamSam ransomware and also neutralizes its attack just within 50 minutes. Hence, the company protected their servers from severe consequences.
Related News: SamSam Ransomware Comes Back To Target Hospitals
In addition to that, the company has taken some preventive measures after SamSam ransomware attack, and they have stored backup of their important copies consists all their crucial information. This recovery method really help during the intrusion and after the removal of such notorious file-encrypting viruses which protects them to avoid any type of data or even financial loss. Here, it is important for you to understand that criminal hackers mainly targets the medical institutions and infect them with ransomware threats like SamSam ransomware to gain benefited illegally.