2,000 Colorado DOT computers infected with SamSam Ransomware

Another day, another ransomware scam – This time, it is the SamSam ransomware that has infected computers system at Colorado Department of Transportation (CDOT).

According to the latest news from Colorado’s governor office, some state-owned computers at the Colorado Department of Transportation (CDOT) have been held for ransom. Reportedly, over 2,000 computers were infected with SamSam ransomware virus on Wednesday.

All infected computers ran on Windows

After being infected with the ransomware, the state’s spokesperson Brandi Simmons stated that the affected computers ran on Windows operating system allowing hackers to lock the files and block users from accessing them unless a ransom was paid in Bitcoin cryptocurrency.

The issue was identified by security software installed on the targeted systems. All the infected servers are now offline but critical systems are in use while the state spokesperson hasn’t yet confirmed the exact number of computers that have been affected.

Hackers infect 2,000 Colorado DOT computers with SamSam Ransomware
Screenshot of the ransom message displayed by SamSam ransomware.

The chief technology officer in Colorado David McCurdy stated that the staff at CDOT managed to quarantine the ransomware so that it doesn’t spread. It was also clarified that neither the state has paid ransom to cybercriminals in the past nor will it do so this time.

Currently, the Federal Bureau of Investigation and the Governor Hickenlooper’s Office of Information Technology (OIT) are collaborating to discover the source and cause of the hack attack. The impact and repercussions of the hacking also are under consideration by the investigators.

McCurday stated that: “OIT, FBI and other security agencies are working together to determine a root cause analysis. This ransomware virus was a variant and the state worked with its antivirus software provider to implement a fix today.”

Backup at work – No ransom paid

It is worth noting that the attackers cannot reap any benefits because the department already has the backup of the lost data. This is why the hackers have no chance of receiving the asked ransom. The Office of Information Technology also revealed that all the connected systems including message boards and traffic cameras remained unaffected by the attack.

Colorado’s Governor’s Office of Information Technology is also planning to implement a reliable solution to prevent future attacks 

Previously, SamSam ransomware was used to target public and private institutions and the most recent known target is Hancock Regional Hospital, which had to pay $45,000 ransom in bitcoin within just a day.

Image credit: DepositPhotos

Uzair Amir

I am an Electronic Engineer, an Android Game Developer and a Tech writer. I am into music, snooker and my life motto is 'Do my best, so that I can't blame myself for anything.'