PGA Golf Championship Hit by Ransomware Attack

Cyber Security Articles 2018

The Professional Golfers’ Association of America (PGA) was hit by a ransomware attack and encrypted sensitive files.

The PGA Golf Championship 2018, annual golf tournament conducted by the Professional Golfers’ Association of America was scheduled to start this week.

The attack happened on Tuesday and files were encrypted with a message stating that :
“Your network has been penetrated. All files on each host in the network have been encrypted with a strong algorythm [sic].”

According to reports, hackers have stolen crucial files related to this week’s PGA Championship and upcoming Ryder Cup event in France.

The encrypted files contain creative materials for the PGA Championship and Ryder cup which includes promotional banners, logos used for printing, etc.

In order to recover the files, PGA officials are asked to pay a ransom although ransom amount was not mentioned.

Hackers provided an email address and a Bitcoin address and also offered to decrypt two files for free.

The attackers also warn the official that “We exclusively have decryption software for your situation. No decryption software is available in public.Any attempt to break the encryption could cause the loss of all of the work. This may lead to the impossibility of recovery of certain files”.

There are some unconfirmed reports that the ransomware used for the attack was BitPaymer.

According to PGA officials, the attack will not affect the PGA Championship, and it will be held as per the schedule.

The officials refused to comment on the incident because it is an ongoing situation.

Always follow these basic instructions to protect yourself from any ransomware attack:

  • Perform regular backups. Ideally, this data should be kept on a separate device, and backups should be stored offline
  • Maintain updated Antivirus software for all systems
  • Don’t open attachments in unsolicited e-mails, even if they come from people in your contact list, and never click on a URL contained in an unsolicited email, even if the link seems benign. In cases of genuine URLs close out the e-mail and go to the organization’s website directly through the browser.
  • Keep the operating system and third-party applications (MS office, flash player, browsers, browser Plugins) up-to-date with the latest patches.

You may be interested in reading: NIST Guidelines for Dealing with Ransomware Recovery


Please rate this content