Early Tuesday morning officials at the Professional Golfers Association (PGA) found that their systems had been compromised. The group discovered the attack when they attempted to access documents, but instead got a message saying;
“Your network has been penetrated, all files on each host in the network have been encrypted with a strong algorithm. This may lead to the impossibility of recovery of certain files.”
The documents in question include creative materials like banners and logos for this week’s upcoming PGA Championship at Bellerive Country club and documents for the famous Ryder Cup next month.
To regain control access to the documents the attackers are requesting Bitcoin, yet, no amount has been specified. Furthermore, if the organization attempts to decrypt the files there is the possibility that they will be permanently lost, as specified in the original message “All files on each host in the network have been encrypted with a strong algorithm. This may lead to the impossibility of recovery of certain files.”
Going forward the PGA faces a tough decision, to fight it and potentially lose the files, or to pay and fall victim to this extortion. However, according to Golfweek, an anonymous source close to the PGA says they do not intend to meet and extortion demands. Additionally, IT professionals working for the PGA have been instructed to ensure that the tournament is unaffected by the ransomware attack.
Recently, we have seen a large increase in the number of ransomware attacks held. This begs the question; what can organizations do? We have a blog post fully outlining this issue, to give a quick synopsis there are three things that an organization can do.
Firstly, you must be prepared for an attack, if you’re caught off guard you’re in for a difficult ride. Also, limit the attack options, all well known systems should be looked at to limit possible angles of attack. Finally, if you are attacked, it is imperative to quarantine the victim computer as soon as possible and to correctly identify the ransomware variant to contain the damage and perhaps even reverse the encryption process. Just as crucial is ensuring the infection has been completely rooted out before beginning the recovery phase, the success of which will depend on how solid your backup process is.
To prevent ransomware attacks from taking your organization hostage make sure to reach out and contact us to learn how Secure Sense can do this.
Secure Sense is the security provider that cares. We are a team of experts with a passion for IT and protecting your organization is what motivates us daily. If you have questions or want to learn more about how we can improve your organization’s security, our services or just want to chat security please give us a shout. If you’re looking to guest blog, please send an email here.