More than 2,000 agency computers had to be shut down to prevent the ransomware from spreading across the entire infrastructure.
The critical systems used to manage road traffic and alerts were not affected.
The attackers encrypted some files and requested bitcoin in exchange for the decryption key.
A hospital in Indiana paid $55,000 to restore its systems.
Although they had data backups, they chose to pay the ransom.
TPRM report: https://www.rankiteo.com/company/colorado-department-of-transportation
"id": "col12226622",
"linkid": "colorado-department-of-transportation",
"type": "Ransomware",
"date": "6/2017",
"severity": "75",
"impact": "2",
"explanation": "Attack limited on finance or reputation"{'affected_entities': [{'industry': 'Public Administration',
'size': 'Large',
'type': 'Government Agency'}],
'data_breach': {'data_encryption': 'Some files encrypted'},
'description': 'More than 2,000 agency computers had to be shut down to '
'prevent the ransomware from spreading across the entire '
'infrastructure. The critical systems used to manage road '
'traffic and alerts were not affected. The attackers encrypted '
'some files and requested bitcoin in exchange for the '
'decryption key. A hospital in Indiana paid $55,000 to restore '
'its systems. Although they had data backups, they chose to '
'pay the ransom.',
'impact': {'financial_loss': '$55,000',
'systems_affected': '2,000 agency computers'},
'motivation': 'Financial Gain',
'ransomware': {'data_encryption': 'Yes',
'ransom_demanded': 'Bitcoin',
'ransom_paid': '$55,000'},
'response': {'containment_measures': 'Shut down 2,000 agency computers'},
'title': 'Ransomware Attack on Agency Computers',
'type': 'Ransomware'}