Hackers Demand Ransom to Unlock Hijacked Files of Upcoming PGA Golf Championship.
Hackers seem to have a penchant for targeting high-profile events. After succeeding in casting doubt on American presidential elections, cybercriminals now have their eyes set on key PGA tournaments.
Reportedly, to jeopardize this week’s PGA Championship, which is due to be held at Bellerive Country Club, hackers have hijacked computer servers of the PGA of America. They not only stole sensitive marketing-related files but also encrypted them with ransomware. Officials cannot access crucial data related to the PGA Championship and to a forthcoming event in France, the Ryder Cup.
The attack occurred on Tuesday morning and was identified by officials after the locked files generated a message stating:
“Your network has been penetrated. All files on each host in the network have been encrypted with a strong algorythm [sic].”
However, according to a PGA spokesperson, the PGA Championship will be held as per the schedule and won’t be affected at all. It must be noted that all the PGA Championship golf tournaments are operated by the PGA of America.
The hijacked documents contain marketing materials of the above-mentioned tournaments. Hackers managed to encrypt the data stored on the compromised servers, which largely included promotional banners. It also contained logos that will be used for future digital and print marketing. In order to reclaim access to the files, PGA officials are asked to pay a ransom.
The hackers have also provided an email address and a Bitcoin address but haven’t yet specified the ransom amount required. They offered to decrypt two files to prove that they can unlock the files if the ransom is paid. They also noted in their message that the decryption software isn’t publicly available, so only they can decrypt the files. Moreover, they warned that if the organization attempted to crack the encryption, it would lead to the loss of all the data.
However, security experts are advising against paying the ransom because it will encourage other hackers to indulge in such activities even more. Also, there is no guarantee that the hackers will unlock the encrypted files after a ransom is paid. Perhaps the hackers want to gain maximum profit from this feat, as they have targeted the PGA of America right before the start of the PGA Championship.
According to Tim Bandos, Vice President of global cybersecurity at Digital Guardian, “Ransomware is incredibly dangerous as it not only encrypts sensitive data, rendering it inaccessible, but it can also disrupt critical applications and systems, causing major outages and stoppages in operations.”
“We can expect cybercriminals to continue to exploit common vulnerabilities in these types of opportunistic ransomware campaigns – and we strongly encourage companies to patch vulnerabilities as quickly as they can while ensuring all systems and programs are up to date.”
The IT team at the PGA of America is trying to resolve the issue but couldn’t completely regain control of the files until Wednesday. The source of the attack has also not been identified. The organization has not yet commented on the incident because it is an ongoing issue.