While many types of ransomware are spread indiscriminately, SamSam in used in a targeted fashion, with the threat actors spending time performing reconnaissance by mapping out the network before encrypting as many computers as possible. A successful SamSam attack will likely be highly disruptive. In the worst-case scenario, if no backups are available or if backups are encrypted by SamSam, valuable data could be lost permanently. Even if an organization does have backups, restoring affected computers and cleaning up the network will cost time and money and may lead to reputational damage. The vast majority of SamSam’s targets are located in the U.S. Of the 67 organizations targeted during 2018, 56 were located in the U.S. While healthcare was the most affected sector, a number of local government organizations were also targeted. Two organizations in Australia were also affected. Symantec.