While the 100th PGA of America tournament is under way at Bellerive Country Club in St. Louis, Missouri, it is unclear whether the PGA has regained access to its servers after it was struck by a ransomware attack earlier this week, according to Golfweek.
Members of the PGA staff allegedly discovered the attack Tuesday morning when they received a message stating that their network had been hijacked and all files had been encrypted. Golfweek reported that an attacker used malware to lock down official files and then demanded Bitcoin payments be sent to a specified wallet number. The messages to the victims reportedly stated that efforts to decrypt the files “may lead to the impossibility of recovery of certain files.”
Infosecurity Magazine contacted PGA, and a media spokesperson said that they have no comment at this time, but an anonymous source told Golfweek that PGA did not intend to pay the ransom. It was also reported that as of Wednesday, 8 August, PGA officials had not regained complete access to their servers.
According to BleepingComputer, the hacker’s message misspelled the word “algorithm,” suggesting that PGA was the victim of BitPaymer ransomware, whose operators hack into remote desktop services exposed to the internet and then move laterally within the network to infect any computers they can access.
Rob Embers, CCO of Dionach, said, “In our experience, and as the PGA ransomware attack illustrates, information security breaches such as this are becoming more frequent across all sectors, not just those that are considered typical targets such as financial services.
“It’s imperative to conduct regular security assessments and remediate against known issues – and improve staff knowledge and awareness so they don’t inadvertently give cyber-attackers a foothold in your IT infrastructure,” Embers continued. “In this instance, it seems that the breach involves the loss of creative materials which is undoubtedly costly from a business perspective, but we see cases every month where sensitive customer or commercial data is exposed, compounding the risks of reputational damage and even regulatory penalties.”