Cyber Attackers have taken over the control of computer servers belonging to the PGA of America, demanding a bitcoin ransom from the famed golf association in order to return control to them.
Officials were locked out of critical files that relate to the PGA Championship and the upcoming Ryder Cup in France. While trying to work on the files, they reportedly received a message on their screens.
“Your network has been penetrated. All files on each host in the network have been encrypted with a strong algorithm,” an anonymous hacker wrote in the ransom note to the PGA. “This may lead to the impossibility of recovery of certain files.”
Staff discovered ransomware in their computer systems two days before the PGA Championship, which tees off in Missouri. Ransomware works by encrypting the data held on a network’s servers, which the hackers then demand a ransom.
Hackers stole files containing creative materials for various platforms that included promotional banners and logos used in digital signage around the Bellerive Country Club, in St. Louis, Missouri where the tournament is taking place. The stolen files also included the development of logos for future PGA championships.
Hackers warned PGA staff that any attempt to disrupt or break the encryption would lead to the destruction and complete loss of all files on the system, according to Golf Week magazine.
“Russian hackers may have infiltrated the US electricity network,” officials warned.
One of the most notable instances of ransomware was the WannaCry attack that hit the NHS in 2017, as well as thousands of other organizations and businesses around the world. One report estimated the damage caused by that attack could exceed US$1Billion.
A separate report published this week by cyber security firm Proofpoint noted the reemergence of ransomware as a popular hacking tool in recent months. It said that approximately 11% of all malwares delivered by email between April and June was a variant of ransomware – up from 1% in the previous quarter.
“Ransomware was largely absent from malicious email campaigns in Q1, particularly compared to the previous 18 months. During that time it dominated the threat landscape,” the research stated. “While message volume with ransomware payloads is far from 2016 and 2017 levels, ransomware did return to more regular campaigns in the second quarter of 2018.”
Researchers from Proofpoint has concluded concluded that “it remains to be seen” how ransomware campaigns will evolve in the coming months and we are all but spectators.