are on the rise and operators a re demanding Attack.Ransommore than ever from their victims , researchers have warned . Ransomware , a kind of malware which locks infected systems , encrypts files and d emands a payment Attack.Ransomin return for decryption , can be debilitating for businesses . Without access to core networks and systems , many firms and organizations w ill pay up Attack.Ransomrather than suffer through disruption which can be far more costly in the long run . Consumers also face the same issue , albeit on a personal scale , and while security experts caution that paying up only funds this kind of cybercrime , losing access to your files , photos , and media can be devastating . When p ayment demands Attack.Ransomare a few hundred dollars or so , victims may be more inclined to p ay the fee.Attack.RansomHowever , the SamSam ransomware i s now demanding Attack.Ransomfar more than the average person would be able to raise . Written in C # , SamSam is usually installed after an unpatched , known server vulnerability i s exploited.Vulnerability-related.DiscoverVulnerabilityIt is believed the threat actors behind the ransomware are relatively new to e xtortion,Attack.Ransomhaving spent the last few years gradually scaling up t heir demands.Attack.RansomThe ransomware caught the attention of the FBI last year , resulting in two alerts being issued . `` MSIL or Samas ( SAMSAM ) was used to compromise the networks of multiple US victims , including 2016 attacks on healthcare facilities that were running outdated versions of the JBoss content management application , '' the FBI says . `` SAMSAM exploits vulnerable Java-based Web servers . SAMSAM uses open-source tools to identify and compile a list of hosts reporting to the victim 's active directory . '' `` The actors then use psexec.exe to distribute the malware to each host on the network and encrypt most of the files on the system , '' the FBI added . `` The actors c harge Attack.Ransomvarying amounts in Bitcoin to provide the decryption keys to the victim . '' According to AlientVault researchers , the ransomware is more akin to a targeted attack than opportunistic ransomware . After being installed on one machine , the ransomware propagates and spreads to any others in the network . SamSam attacks can result in web shell deployment , batch script usage for running the malware over multiple machines , remote access , and tunneling . The ransomware has recently been updated , and will now d emand Attack.Ransomdifferent p ayments Attack.Ransomdepending on the scope of infection . If one machine has been infected , 1.7 Bitcoin ( BTC ) , roughly $ 4,600 , i s demanded.Attack.RansomIf more machines are locked by the ransomware , half will be decrypted for 6 BTC ( $ 16,400 ) , and for all of them , a total of 12 BTC , or $ 32,800 , i s demanded.Attack.RansomLast week 's a ttacks Attack.Ransomappear to have been successful , with $ 33,000 b eing paid Attack.Ransomto a Bitcoin wallet associated with SamSam . While SamSam is not the most sophisticated kind of ransomware out there , the successful exploit of victims reminds us that this malware is out in the wild . Like so many other kinds of ransomware , however , keeping systems patched and up-to-date can prevent infection . An NYC hospital w as forced Attack.Ransomto either p ay Attack.Ransom$ 44,000 to SamSam operators or lose access to their systems after a successful infection . However , the organization refused to capitulate to the hacker 's d emands Attack.Ransomand instead endured a month of disruption before the hospital 's systems were restored . Another ransomware variant which has hit the headlines is WannaCry . After striking down hospitals and businesses across the globe , the Windows-based malware is yet to finish its rampage , with an estimated 300,000 victims worldwide .
( CNN ) Atlanta 's mayor on Thursday urged anyone with personal information in city information systems to check their financial records as an investigation continues into a r ansomware attack Attack.Ransomon the city . Ransomware is a malicious software that prevents or limits users from accessing their system by locking them out until a ransom is paid.Attack.RansomNBC affiliate WXIA reported that the city received a ransom demand Attack.Ransomin bitcoin for $ 6,800 per unit or $ 51,000 to unlock the entire system . CNN has not independently confirmed the report . Mayor Keisha Lance Bottoms advised city employees to contact credit agencies and monitor their bank accounts in case their personal data w as compromised.Attack.DatabreachShe urged the public to take the same precautions while investigators work to determine the scope of the attack . `` We do n't know the extent so we just ask that you be vigilant , '' Bottoms said in a Thursday news conference . `` All of us are subject to this attack , if you will . Many of us pay our bills online , we have direct deposit , so go online and check your bank statements . '' Atlanta Chief Operating Officer Richard Cox confirmed that the city received a written d emand Attack.Ransomrelated to t he attack.Attack.RansomWhen asked in the news conference if the city was going to p ay a ransom,Attack.RansomBottoms said , `` We ca n't speak to that right now . '' `` We will be looking for guidance from , specifically , our federal partners on how to best navigate the best course of action , '' she said . The Federal Bureau of Investigation and Department of Homeland Security are investigating the cyberattack , which Atlanta Information Management officials learned of Thursday at 5:40 a.m. , Cox said . DHS spokesman Scott McConnell said the agency offered technical expertise and support and referred questions to the city . The city announced outages earlier Thursday to various customer-facing applications , including those used to pay bills and access court-related information . Thursday afternoon , Cox said several departments were affected , too . Some city data remains encrypted while investigators continue to determine the scope of t he attack,Attack.Ransomhe said . The city 's payroll has not been affected , he said . Public safety and water services are operating without incident . The city engaged Microsoft and a team from Cisco 's Incident Response Services in the investigation , Deputy Chief Information Officer Daphne Rackley said . When asked if the city was aware of vulnerabilities and failed to take action , Rackley said the city had implemented measures in the past that might have lessened the scope of the breach . She cited a `` cloud strategy '' to migrate critical systems to secure infrastructure . `` This is not a new issue to the state of Georgia , it 's not a new issue to our country . We have been taking active measures to mitigate any risk in the past . '' In the meantime , the mayor urged caution . `` We do n't know if it 's limited to information related to just our employees or if it 's more extensive than that . But because we do n't know I think that it would be appropriate for the public just to be vigilant in checking their accounts and making sure your credit agencies also have been notified . ''