NASCAR Race Team Learns Ransomware Lesson The Hard Way

  /     /     /  
Publicated : 22/11/2024   Category : security


NASCAR Race Team Learns Ransomware Lesson The Hard Way


Dave Winston had heard stories about people who had to pay money to get access to hijacked computer files, but like many everyday computer users going about their busines...



Dave Winston had heard stories about people who had to pay money to get access to hijacked computer files, but like many everyday computer users going about their business, he didnt put much credence to the rumors. He wasnt familiar with the term ransomware and he didnt know what a Bitcoin was: But all that changed for the NASCAR Sprint Cup crew chief one day this spring when all of the files he depended upon to tweak his teams valuable race car specs had been encrypted by cybercriminals.
Winston and his colleagues with Circle Sport-Leavine Family Racing are coming forward today to talk about their very personal experience with Teslacrypt ransomware back in April -- to warn others of the reality of ransomware so that fewer businesses and computer users in their position dont have to learn the hard way.
We learned first-hand that it’s a fact and it happens, Winston says. So that’s what we’re hoping to be able to do is to spread the word and the knowledge, and have people understand that this is something that’s going to happen more and more and you have to protect yourself.
Circle Sport-Leavine Family Racing is a close-knit team with a small IT footprint of only about 10 computers. Prior to the ransomware attack, nobody on the team was super-savvy about backing up files or choosy about anti-malware packages. Each user was pretty much responsible for using whatever default antivirus came on the computer out-of-the box and there were no standards for protection. Things like ransomware and malware attacks simply werent on the teams radar--they were too busy tuning their cars to perform well in the Sprint Cup series races.
As crew chief, Winston depends on his computer to store valuable and sensitive information vital to competing in the series.
It was any information you could possibly imagine, whether it was track set-up information, car chassis information, wind tunnel information, personnel information, or parts information, he says. Everything was on my computer and there were spreadsheets I used to determine setups and things like that in the car as we went from racetrack to racetrack. 
When he was confronted by the pop-up box that all of his data and files had been encrypted and he had to pay a ransom, he thought, This cant be. So he tried to open another one. And another one. Soon, the panic kicked in.
He got four or five of his teammates around the table and they tried to figure out what happened. After hours of research on ransomware and the thought of losing what they estimated to be $2 million worth information just a few days before their cars were set to hit the next racetrack, they decided to bite the bullet. Considering that it would have taken the team 1,500 man-hours to recreate the data, they felt paying off the bad guys was their only option.
They found a Bitcoin ATM just a few miles away from them, loaded up with $500 worth of the digital currency, crossed their fingers and paid the extortionists. After a night sweating it out, the criminals did come through with an encryption key. But the next morning when they tried to apply it, they couldnt get it to work.
Thats when they went to get help from their technical alliance partners at the Richard Childress Racing team, which does have an IT staff. Not only did they help them apply the key, but they got Circle Sport-Leavine Family Racing on the path toward future protection by steering them over to Malwarebytes and offering best practice advice on things like backup procedures and establishing standard security set-ups across all of their computers.
Black Hat USA returns to the fabulous Mandalay Bay in Las Vegas, Nevada July 30 through Aug. 4, 2016. Click for information on the
conference schedule
 and
to register.
According to Nathan Scott, technical manager for ransomware for Malwarebytes, Winston and his team are not alone in learning about ransomware the hard way. Its the reason why ransomware is what he calls the biggest threat of all time and technologys worst nightmare--because there are lots of other anonymous victims out there just like this NASCAR team who bend to the simple but effective extortion.  
According to Malwarebytes information, instances of ransomware in exploit kits have increased by about 44% in the last six months alone.
Related Content:
Crypto Ransomware Officially Eclipses Screen-Blocker Ransomware
How To Lock Down So Ransomware Doesnt Lock You Out
Majority Of SMBs Would Not Pay Ransomware Attacker
 

Last News

▸ Scan suggests Heartbleed patches may not have been successful. ◂
Discovered: 23/12/2024
Category: security

▸ IoT Devices on Average Have 25 Vulnerabilities ◂
Discovered: 23/12/2024
Category: security

▸ DHS-funded SWAMP scans code for bugs. ◂
Discovered: 23/12/2024
Category: security


Cyber Security Categories
Google Dorks Database
Exploits Vulnerability
Exploit Shellcodes

CVE List
Tools/Apps
News/Aarticles

Phishing Database
Deepfake Detection
Trends/Statistics & Live Infos



Tags:
NASCAR Race Team Learns Ransomware Lesson The Hard Way