DOT hit by 'ransomware' trojan

The Transportation Department, along with Booz Allen Hamilton, Hewlett-Packard, Nortel Networks and Unisys, recently had data on some desktop computers encrypted and held for ransom, according to a British Internet security provider.

In a blog on Prevx's site (www.prevx.com), Jacques Erasmus wrote of finding a new variant of malware that encrypts the contents of the user's hard drive. It then shows a message offering to unencrypt the drive for $300.

According to the company's technical analysis (GCN.com/813), the malware, called NTOS.exe, scours a hard drive for sensitive information, encrypts the drive and uploads the content to a secret site.

The spyware, which Erasmus dubbed ransomware, was embedded in an e-mail message or advertisement for job listings, and employees were tricked into downloading it, according to the company.

The analysis also concluded that 'the files aren't so strongly encrypted as claimed,' and it is therefore not necessary to pay $300 to decrypt the files. The company has a decryption tool available on its site.

Prevx was able to look at encrypted files uploaded to the secret holding area. The 6,317 files found on the site were tagged with IP addresses, presumably the ones from which they came. One file seemingly originated from the Bladensburg, Md., office of the Transportation Department.

Erasmus said the unencrypted file contained 500K of sensitive data.

About the Author

Joab Jackson is the senior technology editor for Government Computer News.
