ConsumerMoneyScience and Tech


Ransomware attack leaves CDOT contract workers without jobs

Department was attacked twice since late February
Posted at 5:58 PM, Mar 12, 2018
and last updated 2018-03-12 20:30:40-04

DENVER – Hackers targeted the Colorado Department of Transportation (CDOT) nearly 20 days ago in two separate attacks, and the department still has not made a full recovery.

It is unclear when systems will be fully restored, but the hit has trickled down and has impacted more than a handful of contract workers.

Though CDOT employees were not impacted by the SamSam  ransomware attacks, contract workers were — and they are now are struggling to make ends meet.  

These individuals, hired by the department to do specialized work, were essentially put on “hold,” as CDOT spokeswoman Amy Ford put it.

The specific group of workers were crash coders.

Shirley Green, 66, was one of seven crash coders whose work has been affected by the ransomware attack, said that without properly working systems she isn’t getting paid.

“I understand that wholeheartedly it’s not CDOT’s fault. It just happens to trickle down,” Green told Denver7.

“Our last day of work was the 21st of February, when the ransomware software hit,” she added.

Green has been out of a job since.

“There's seven of us in my immediate group. I haven't talked to any of them so I don't know how they are doing, no idea… But I imagine, you know, they're hurting,” Green said.

She said the group tracked crash numbers, monitored trends, and performed all job functions from working computers.

“We actually asked them to stand-down right now while we resolve all of the issues and start bringing these systems back online,” Ford said in response to Green.

Ford explained the group would be unable to do their jobs because of the ransomware issues.

As Denver7 reported on March 1, the department’s systems are being held hostage by hackers who have asked for Bitcoin in return for the hijacked files.

“Why do people do this,” Green asked while holding back tears. “I just don't understand.”

Since she stopped working at CDOT, Green has continued to look for work. She has not found any success.

The FBI, Colorado National Guard and private security experts are working to figure out where the attacks are coming from.

In the meantime, CDOT remains open for business.

“In some cases, we've reverted to pen and paper," Ford said. "In other cases, we've been working offline with different kinds of documents.”

“The public, as far as we’re concerned though, hopefully sees no impact to the level of work and the level of service that we’re able to provide,” Ford added.

She said once systems are restored, CDOT has plans to bring the group of crash coders back.

This is a development Green said cannot happen soon enough.

“We're at the bottom of the totem pole, and that's part of life,” Green said. “It's just… it hurts.”

Brandi Simmons with the Governor's Office of Information Technology said the office is bringing systems back online according to the priority CDOT set.

Simmons couldn’t elaborate too much, as the investigation and restoration efforts are still on-going.