Golf Association Hit by Crypto Ransomware

The Professional Golfers' Association of America got a nasty surprise with some ransomware that demands Bitcoin to decrypt files.

Officials from the PGA of America were just greeted on Tuesday by messages from a piece of ransomware. The demands included a payment in Bitcoin to a specific wallet address.

The message read: “Your network has been penetrated. All files on each host in the network have been encrypted with a strong algorithm.” It was followed by a typical warning we see in most ransomware that tells the user not to attempt to break the encryption themselves lest they lose all of their data.

Unfortunately for the victims of this attack, this attack managed to hit them in the gut, as the affected system contained all of the creative media needed to market the association’s entry into the Ryder Cup.

A report by Golfweek says that the PGA does not plan to meet the demands, according to a source who spoke to the paper under the condition of anonymity. We also found out that IT staff within the association were unsuccessful so far in recovering the files.

Judging by history, it’s unlikely that the PGA of America will manage to recover its files in time for the Ryder Cup, which takes place at the end of September. The city of Atlanta, after suffering the same style of attack in March, was not able to recover much of its data the last time we checked in June.

The problem with ransomware is that it doesn’t behave like a typical virus, which installs a couple of files over the operating system and wreaks havoc on a computer until the files and whatever manipulation they have done is removed. In the golfing association’s case, files outside of the ransomware are encrypted to the point that they just read as gibberish whenever someone tries to open them.

Dealing with a ransomware attack would involve “solving” the decryption process for each file, making it very unlikely that we’ll see any breakthroughs anytime soon.