A recent statement from the State of Colorado’s governor’s office has said that parts of the Colorado Department of Transportation’s computer systems have been infected with ransomware. The ransomware is demanding a payment in Bitcoin in order to release the systems from the grips of the malware. They have not said how much the hackers are demanding in payment.
Ransomware has been in use for quite some time, and often demands payments in bitcoin because of the fact that it is hard to track, and impossible to reverse once the payments are made. This version of malware finds important documents or systems, and encrypts them so that they are inaccessible. The only way to get them back is to pay the ransom, at which point the hackers will decrypt the data and move on to their next target.
Of course, data that is properly backed up can always be restored from a point prior to the infection. Unfortunately, many people (individuals, businesses, and governments) still haven’t learned the importance of proper data backups.
The vast majority of hackers who use this type of attack actually do unlock the files once they are paid, which is why a growing percentage of people are actually willing to send the bitcoin as demanded.
State Spokesperson Brandi Simmons, however, commented that the state has never paid ransomware criminals before, and there is no plan to do so this time.
The specific systems infected, or the potential impact of the malware, hasn’t been released.