• About Us
  • Advertising
  • Digital Magazine
  • Supplements
  • Media Pack
  • Privacy Policy
  • Contact us
CXO Insight Middle East
  • News
  • Opinion
  • Business
    • Industries
      • Transport
      • Retail
      • Government
      • Real Estate
      • Education
      • Energy
      • Banking and Finance
    • Channel
  • Future
    • Tech
    • Gadgets
    • Science
    • Space
    • Sustainability
  • Events
    • Channel Awards
      • 2025
      • 2024
      • 2023
    • Channel Insights Summit 2025
    • Insight Innovation Summit
    • CXO50 Oman
    • CXO50
    • ICT Awards
      • Dubai 2025
      • Saudi Arabia
    • Cyber Strategists Summit
    • Cloud Connect 2025
    • All events
  • Digital Magazine
  • GITEX GLOBAL
No Result
View All Result
CXO Insight Middle East
  • News
  • Opinion
  • Business
    • Industries
      • Transport
      • Retail
      • Government
      • Real Estate
      • Education
      • Energy
      • Banking and Finance
    • Channel
  • Future
    • Tech
    • Gadgets
    • Science
    • Space
    • Sustainability
  • Events
    • Channel Awards
      • 2025
      • 2024
      • 2023
    • Channel Insights Summit 2025
    • Insight Innovation Summit
    • CXO50 Oman
    • CXO50
    • ICT Awards
      • Dubai 2025
      • Saudi Arabia
    • Cyber Strategists Summit
    • Cloud Connect 2025
    • All events
  • Digital Magazine
  • GITEX GLOBAL
No Result
View All Result
CXO Insight Middle East
No Result
View All Result

US indicts Iranian hackers for ‘SamSam’ ransomware attacks

by Sarah Rizvi
December 4, 2018
in News
Study: $1 million is the average cost of a data breach in Middle East

The United States has indicted two Iranians for launching a major cyber attack using ransomware known as “SamSam” and sanctioned two others for helping exchange the ransom payments from Bitcoin digital currency into rials, Reuters reported.

The scheme reportedly ran over 34 months wreaking havoc on hospitals, schools, companies and government agencies, including the cities of Atlanta, Georgia, and Newark, New Jersey, causing over $30 million in losses to victims and allowing the alleged hackers to collect over $6 million in ransom payments.

The deployment of the SamSam ransomware represented some of the highest profile cyber-attacks on US.

The six-count indictment, unsealed in the District Court for the District of New Jersey, charges Iran-based Faramarz Shahi Savandi, 34, and Mohammad Mehdi Shah Mansouri, 27 with one count of conspiracy to commit wire fraud, one count of conspiracy to commit fraud related to computers, and other counts accusing them of intentionally damaging protected computers and illegally transmitting demands related to protected computers, Reuters reported.

“The allegations in the indictment unsealed today — the first of its kind — outline an Iran-based international computer hacking and extortion scheme that engaged in 21st-century digital blackmail,” said assistant attorney general Brian Benczkowski.

Several cybersecurity experts have shared insights on the indictment and the impact of the ransomware attack.

Kimberly Goody, manager, cybercrime analysis, FireEye, said, “FireEye has tracked SamSam activity dating back to late 2015, impacting organisations across multiple industry verticals. Notably, the indictment highlights numerous healthcare and government organisations that have been targeted. It is possible that the operators chose to target these organisations since they provide critical services and believed their likelihood of paying was higher as a result.

According to Goody, one of the starkest deviations between SamSam operations and traditional ransomware is the departure from more traditional infection vectors. While indiscriminate targeting is still heavily relied on by other actors likely to bolster operational scalability, there has been an increasing number of threat actors actively engaged in, more “targeted” attacks in which ransomware is deployed post-compromise.

“In our SamSam investigations, we observed activity consistent with that noted in the indictment including the exploitation of external servers as well as updates to their initial infection vectors over time. Deploying ransomware post-compromise also allows attackers the ability to better understand victim environments and to both deploy ransomware payloads more broadly and to identified high value systems – putting additional pressure on organisations to pay.”

“It is also important to note that while the actors named in the indictment are associated with the SamSam ransomware, this may just be their most lucrative operation. We have some evidence to suggest that they were investigating the possibility of stealing payment card data, and we have also seen the deployment of cryptocurrency miners in victim environments,” she added.

Tags: featured4SamSamSecurity
ShareTweet

Related Posts

Veeam at GITEX 2025: Championing ‘Radical Resilience’ with new data resilience innovations
Future

Axis Communications to unveil next-gen intelligent security technologies at Intersec Dubai 2026

December 19, 2025

The global security landscape is undergoing a profound transformation - shifting rapidly from traditional, reactive surveillance to a new era...

UiPath announces partnership with Snowflake
Business

Dynatrace expands collaboration with Google Cloud

December 19, 2025

Dynatrace announced it has expanded its collaboration with Google Cloud to help empower enterprises and developers to harness the full...

Discussion about this post

Latest Issue

December 2025

DECEMBER 2025

December 22, 2025
Channel Insights December 2025

Channel Insights December 2025

December 21, 2025
Veeam at GITEX 2025: Championing ‘Radical Resilience’ with new data resilience innovations

Axis Communications to unveil next-gen intelligent security technologies at Intersec Dubai 2026

December 19, 2025

The most trusted source of strategic intelligence for IT decision makers in the Middle East.

About

  • About Us
  • Advertising
  • Digital Magazine
  • Supplements
  • Media Pack
  • Contact Us

Policies

  • Privacy Policy
© 2025 – CXO Insight Middle East. All Rights Reserved.
Facebook-f X-twitter Linkedin
Separated they live in Bookmarksgrove right at the coast of the Semantics, a large language ocean. A small river named Duden.

About

  • About Us
  • Site Map
  • Contact Us
  • Career

Policies

  • Help Center
  • Privacy Policy
  • Cookie Setting
  • Term Of Use

Join Our Newsletter

© 2024 – CXO Insight Middle East. All Rights Reserved.

Facebook-f Twitter Youtube Instagram

Welcome Back!

Login to your account below

Forgotten Password?

Retrieve your password

Please enter your username or email address to reset your password.

Log In
Join our mailing list
Sign up here to get the latest news, updates and special offers delivered directly to your inbox.
No Result
View All Result
  • News
  • Opinions
  • Business
    • Industries
      • Transport
      • Retail
      • Government
      • Real Estate
      • Education
      • Energy
      • Banking and Finance
  • Channel
  • Future
    • Tech
    • Gadgets
    • Science
    • Space
    • Sustainability
  • Events
    • Channel Awards
      • 2025
      • 2024
      • 2023
    • Channel Insights Summit 2025
    • Insight Innovation Summit
    • CX50 Oman
    • CXO50
    • ICT Awards
      • Dubai
      • Saudi Arabia
    • Cyber Strategists Summit
    • Cloud Connect 2025
    • All events
  • Videos
  • GITEX GLOBAL
  • Digital Magazine

© 2025 - CXO Insight Middle East. All Rights Reserved.