PGA Championship 2018: Hackers hold golf tournament computers for bitcoin ransom

Hackers warned PGA staff that any attempt to break the encryption would lead to the complete loss of all files

Anthony Cuthbertson
Thursday 09 August 2018 18:42 BST
Comments
The Bellerive Country Club in St. Louis, Missouri hosts the 100th PGA Championship
The Bellerive Country Club in St. Louis, Missouri hosts the 100th PGA Championship (EPA)

Your support helps us to tell the story

From reproductive rights to climate change to Big Tech, The Independent is on the ground when the story is developing. Whether it's investigating the financials of Elon Musk's pro-Trump PAC or producing our latest documentary, 'The A Word', which shines a light on the American women fighting for reproductive rights, we know how important it is to parse out the facts from the messaging.

At such a critical moment in US history, we need reporters on the ground. Your donation allows us to keep sending journalists to speak to both sides of the story.

The Independent is trusted by Americans across the entire political spectrum. And unlike many other quality news outlets, we choose not to lock Americans out of our reporting and analysis with paywalls. We believe quality journalism should be available to everyone, paid for by those who can afford it.

Your support makes all the difference.

Hackers have taken control of computer servers belonging to the PGA of America, demanding a bitcoin ransom from the golf association in order to return them.

Staff discovered ransomware in their computer systems two days before the PGA Championship, which tees off in Missouri. Ransomware works by encrypting the data held on a network's servers, which the hackers then demand a ransom.

Hackers warned PGA staff that any attempt to break the encryption would lead to the complete loss of all files on the system, according to Golf Week magazine.

“Your network has been penetrated. All files on each host in the network have been encrypted with a strong algorythm [sic]," a message from the hackers stated. “We exclusively have decryption software for your situation. No decryption software is available in the public.”

One of the most notable instances of ransomware was the WannaCry attack that hit the NHS in 2017, as well as thousand of other organisations and businesses around the world. One report estimated the damage caused by that attack could exceed $1bn.

A separate report published this week by cyber security firm Proofpoint noted the reemergence of ransomware as a popular hacking tool in recent months.

It said that approximately 11 per cent of all malware delivered by email between April and June was a variant of ransomware – up from 1 per cent in the previous quarter.

"Ransomware was largely absent from malicious email campaigns in Q1, particularly compared to the previous 18 months. During that time it dominated the threat landscape," the research stated. "While message volume with ransomware payloads is far from 2016 and 2017 levels, ransomware did return to more regular campaigns in the second quarter of 2018."

Proofpoint researchers concluded that "it remains to be seen" how ransomware campaigns will evolve in the coming months.

Join our commenting forum

Join thought-provoking conversations, follow other Independent readers and see their replies

Comments

Thank you for registering

Please refresh the page or navigate to another page on the site to be automatically logged inPlease refresh your browser to be logged in