PGA of America, which runs the PGA Championship golf tournament, has become the latest victim of a ransomware attack after hacker group Shadowy bandits hijacked its computer servers locking the staff out of crucial files containing marketing materials for the competition as well as the Ryder Cup in France.
After the staff of PGA realized that their systems were compromised and attempted to work on the files, they were greeted with a message that read, “Your network has been penetrated. All files on each host in the network have been encrypted with a strong algorythm [sic].”
The hackers also warned that break the encryption would cause loss of all the data, which may “lead to the impossibility of recovery of certain files”
According to GolfWeek, the locked files “include extensive promotional banners and logos used in digital and print communications, and on digital signage around the grounds at Bellerive. The stolen files also include development work on logos for future PGA Championships. Some of the work began more than a year ago and cannot be easily replicated.”
“We exclusively have decryption software for your situation. No decryption software is available in the public,” they wrote.
The hackers also sent an encrypted email address which PGA could use to send hackers two files which they would decrypt to testify their honest intentions.
The hackers provided a bitcoin address but haven’t specified the desired amount. The bitcoin wallets were not linked to a particular person or entity and due to the very same reason couldn’t be used to track the attackers.
Reports suggest that PGA of America is unwilling to pay up the ransom and has deployed its IT team to fix the issue and identify the hackers. PGA has not commented on the issue yet as it is an “ongoing situation”.
On the bright side, the hacking incident did not impact the PGA Championship, and the tourney went on without any disruptions. Cyber-security expert Matthew Hickey at Hacker House told BBC that it’s likely the hackers were trying to maximise the effect of their attack, as the incident occurred right at the onset of the championship. “They would have picked a date to cause as much disruption as possible,” he said.