NASCAR team red-flagged by ransomware attack
Sprinters pay up to unlock data
NASCAR, America's favorite no-right-turn racing format, has joined the growing ranks of people hit by, and paying out to fix, ransomware.
The Circle Sport – Leavine Family Racing (CSLFR) has admitted paying off ransomware runners after one of its main test computers got infected with Truecrypt malware. The laptop was quickly isolated, but left the team's crucial test data locked up two days before a big race.
"Just knowing that we could lose everything that we have worked so hard to achieve over the years in 48 hours was terrifying," said Dave Winston, NASCAR Sprint Cup Series Crew Chief for CSLFR.
"The data that they were threatening to take from us was priceless, we couldn't go one day without it greatly impacting the team's future success. This was a completely foreign experience for all of us, and we had no idea what to do. What we did know was that if we didn't get the files back, we would lose years' worth of work, millions of dollars."
After failing to recover its files, the team made the decision – a common enough one – to pay up and get its data back. After sourcing a few hundred bucks in Bitcoins to pay the fee, the encryption key was sent over by the online criminals running the code.
That gave the team the ability to get back into its data, but they were worried about other infections lurking on their systems. A survey with security firm Malwarebytes found more ransomware malware on its computers, and now the team has a cleaner network and the security firm's name emblazoned across its car.
"Companies of all types and sizes can fall victim at any time. Instances of ransomware infection are growing rapidly, and the first step in fighting a disease is protection," said Marcin Kleczynski, CEO of Malwarebytes. ®