SamSam Virus Shuts Down 2000 Computers at Colorado Department of Transportation

Category: Blog, Security  |  Thursday, February 22nd, 2018

SamSam Virus: Colorado Department of Transportation employees were booted off their computers and forced to use old-school methods of communication (AKA pen and paper) on Wednesday after a destructive ransomware virus encrypted their files and demanded bitcoin for their return. Security officials were forced to turn off more than 2,000 employee computers while they investigated the attack.

“This ransomware virus was a variant and the state worked with its antivirus software provider to implement a fix today. The state has robust backup and security tools and has no intention of paying ransomware. Teams will continue to monitor the situation closely and will be working into the night,” said David McCurdy, chief technology officer, Governor’s Office of Information Technology, in a statement.

He added: “OIT, FBI and other security agencies are working together to determine a root cause analysis.”

The ransomware was a variant of SamSam, according to OIT spokeswoman Brandi Simmons. SamSam last appeared in January after targeting the healthcare industry. It encrypted files and renamed them “I’m sorry,” according to a report from security firm Trend Micro. One hospital, Hancock Health in Indiana, paid $55,000 to get its files back. Trend Micro said that attack was not caused by an employee opening an infected email; instead, hackers gained access remotely using a vendor’s user name and password.

The ransomware hit CDOT first thing Wednesday morning. Affected computers were quarantined, and all employee computers were turned off, according to Amy Ford, a CDOT spokeswoman. Only employee computers — running Windows and equipped with McAfee security software — were impacted.

“No one is back online. What we’re doing is working offline. All our critical services are still online — cameras, variable message boards, CoTrip, alerts on traffic. They are running on separate systems,” Ford said. “The message I’m sharing (with employees) is CDOT operated for a long time without computers so we’ll use pen and paper.”

There’s only one Mac computer in the office and it wasn’t turned on, Ford said, because “We’re not messing around today.”

If you are concerned about your business security, give EnhancedTECH a call at 714-970-9330 for a complimentary consultation.

Samantha Keller

Director of Marketing and PR at EnhancedTECH