SamSam Ransomware Takes Down Colorado DOT

September 29, 2022

INCIDENT

The Colorado Department of Transportation (CDOT) was hit by a SamSam ransomware attack that penetrated a temporary system being tested without full security. Once inside, bad actors used it to access CDOT, ultimately affecting roughly half its computing environment, around 400 servers, all databases and applications and around 1,300 workstations. The agency was back to 80 percent functionality six weeks after the ransomware attack, at an estimated cost of up to $1.5 million. The state’s new backup system prevented data loss, but personal data on employees’ computers may not be recovered.

Incident Date

February 21, 2018

Estimated Cost

Ransom not paid. Cost of responding to the attack $1.500,000

Type of Malware

Threat Source

No threat source identified