We thought it was just the elections, but cyber hackers are on their way to just about everything, including Golf tournaments now.
Just two days before the Professional Golfer’s Association (PGA) Championship at Bellerive Country Club Missouri, hackers breached the computer servers of PGA America and have locked the officials out of access to important tournament files relating to the tournament and the upcoming Ryder Cup in France. They have also demanded ransom in the form of Bitcoin to reinstate access to the locked files. The hackers’ message included a Bitcoin wallet number, although they did not specify the ransom amount and Bitcoin wallets are not keyed to a particular person or entity, hence could not be tracked to identify the suspects.
Staff reported that their computer security had been compromised after several attempts to operate tournament files generated a strange message. The threat read: “Your network has been penetrated. All files on each host in the network have been encrypted with a strong algorithm [sic].”
The hackers also threatened to corrupt all existing files, which would render them unrecoverable if a strive to break the encryption were made. Another statement warned: “Any attempt to break the encryption may lead to impossibility of recovery of certain files.”
The hackers further stated:
We exclusively have decryption software for your situation. No decryption software is available in the public,
The locked files mostly contained creative material and design for use in digital and print advertisement of the PGA Championships. Some of the files also included logos for the future championships that had been in development for over 12 months. The PGA of America does not intend to pay the ransom and will make an attempt to break the encryption to regain control of their system.
A PGA spokesman told that he has no comment as the incident was ongoing.
He did add, however, that the PGA Championship would not be affected.
The organization’s IT team has made consistent attempts to recover the affected servers, but as of Wednesday afternoon they had still neither been able reinstate control of their systems nor had tracked the identity of the hackers involved. It’s not believed that the hacking has not yet impacted the PGA Championship and outside IT experts have been engaged to ensure the tournament is unaffected. If as reported, the PGA sticks with their guns and does not pay the ransom demanded, it would be unlike previous high profile ransom hacks where several have succumbed to paying the demanded ransom in desperate bids to regain control.
Cyber Security expert Matthew Hickey said:
Because the incident occurred right before the start of PGA Championship, it’s likely the hackers were trying to maximize the effect of their attack,
He also told:
They would have picked a date to cause as much disruption as possible,
A research conducted by Syphos, a cybersecurity firm based in the UK has found that a ransomware known as ‘SamSam’ has generated Bitcoin more than worth $6 million for it’s creator since it was released almost 3 years ago. Since 2016, the SamSam operator has made around $300,000 every month from its victims, which happens to include some high-profile targets from healthcare and government. However, Sophos study finds that the private sector has suffered the most. In another revelation, 74% of the victims belong to the United States, while and the UK and Canada follow with 8% each, the research shows.
Software that locks data and demands that a ransom be paid to grant access again, is known as ransomware.
It has become an increasingly popular method of cornering individuals and business entities, and blackmailing them to pay ransom charges that are demanded. But most cyber security experts advise against paying any ransom amount, as their is no particular guarantee that the hackers would unlock the hacked software or files, once the ransom has been paid. Further that their identity is untraceable and it would be a huge risk to pay a huge amount to any unknown group. This would also encourage them to become involved in further such thievery.