Ransomware viruses remain to be one of the biggest threats online. Some might have heard of these file-encrypting nightmares, but paid very little attention to them as it is common for people to think that they will never be bothered by such malware. However, anyone can become a victim of a crypto-virus: it only takes one wrong step to become infected.
Cyber-attack took place on a Wednesday morning
This time, The Colorado Department of Transportation (CDOT) has reported a cyber-attack. While employees of the department might have thought that Wednesday morning would not bring anything new, they were wrong. Unexpectedly, over 2 thousand computers in the department became infected with SamSam virus. All of the compromised devices were running Windows operating systems. You might know that such computers are considered the main targets of ransomware.
The Colorado Deportment of Transportation confirms this attack, but claims to have no intention of paying the ransom that hackers are demanding. In addition to encrypting data and locking the department’s access to computers, crooks had another goal: information theft. However, this did not work out for them as the department explains that no data was stolen.
CDOT will not pay the ransom and plans an investigation
After the attack, all compromised devices were taken offline. CDOT is trying to complete an analysis, explaining how the hackers hacked into their system. Luckily, none of the traffic cameras and message boards were affected by the ransomware. The entire department, together with trained specialists, is working on a solution.
This is not the first time then SamSam ransomware has targeted organizations: virus has already made money from cyber-attacks against Indiana hospital. However, CDOT is not following this example and plans to fight back. The department does not plan to give hackers the satisfaction: they will not pay the ransom. This attitude is very admirable and should be followed by all victims of ransomware. However, sometimes paying the ransom appears to be the practical choice. For instance, Indiana Hospital explained that it was cheaper to simply pay the hackers than to restore all of the compromised data.
We first detected SamSam ransomware in the summer of 2016. Over the years, the crypto-malware continued with its malicious strategy. With the attack against The Colorado Department of Transportation, it is re-claiming its positions as a serious cyber threat. After this attack, it is unknown which organization or a business company is going to be targeted next. However, we hope that people will try to make all of the preparations for the cyber-attack: update their software, make stronger passwords and avoid unknown files.