English Football Club Hit With Multi-Million Dollar Ransomware Attack

Published at: July 23, 2020

The UK National Cyber Security Centre released a report on July 23 that discloses a growing trend in ransomware attacks against the sports sector. They noted a recent example in which attackers demanded that an English Football League club, or EFL, pay a multi-million dollar ransom in Bitcoin (BTC).

According to the Cyber Threat to Sports Organizations paper, the unnamed club was targeted by ransomware that crippled their corporate security systems.

The ransom amount requested was 400 BTC ($3.66 million). The club declined to pay, resulting in a loss of their stored data.

The attack could have had a great impact

The study reveals that the attack may have led to significant damages. It notes that the club was unable to use their corporate emails, and the stadium’s CCTV system and turnstiles were non-operational due to the attack.

There is no public information on the attack vector that allowed the criminals to infiltrate their system. One hypothesis is that a phishing email was used to deploy the attack. The systems may also have been accessed through the CCTV system.

The UK cybersecurity authorities disclosed that the attack cost the club “several hundred thousand pounds.”

Ransomware attacks in the sports sector

According to the study, approximately 40% of the attacks on British sports organizations involved malware and a quarter of this involved ransomware.

These attacks have been growing in terms of impact since 2018, with cybercriminals mostly targeting high-value sports entities.

Ransomware attacks worldwide increased by 200% in the same period of time. The software required to carry out such an attack is widely available on the darknet.

Instances of so-called “crypto-jacking” — a ransomware method in which criminals commandeer devices to mine cryptocurrency — spiked in Singapore 300% year-on-year Q1 2020.

Tags
Related Posts
Did Jack Daniels Thwart a Ransomware Attack or Not?
Ransomware gang REvil, known also as Sodinokibi, claims to have mounted a successful attack against the U.S. wine and spirits giant, Brown-Forman Corp — but the company claims otherwise. The company is the official manufacturer of Jack Daniels whiskey. According to cybersecurity services provider, AppGate, the famous alcoholic beverages manufacturer did fall victim to an attack but refused to pay the ransom demanded by REvil. However, Brown-Forman Corp told Infosecurity-Magazine in a statement they had successfully prevented cybercriminals from encrypting its files. This does not necessarily mean the gang’s claim to have compromised the internal network and stolen sensitive data …
Bitcoin / Aug. 20, 2020
McAfee Says NetWalker Ransomware Generated $25M Over 4 Months
Cybersecurity firm McAfee released a study showing the activities of NetWalker, a ransomware first known as Mailto that was initially discovered in August 2019. According to the report, the operators of NetWalker have collected over $25 million from ransom payments since March 2020. From March 1 to July 27, the group collected around 2,795 Bitcoin (BTC), purportedly making it one of the most profitable types of ransomware for cybercriminals. According to the report, the Bitcoin transactions received by the gang — where the amount is split among several different addresses — reflects that NetWalker is a "ransomware-as-a-service" malware. Such a …
Bitcoin / Aug. 4, 2020
University of York Confirms Recent Data Breach Was Caused by Ransomware
The University of York has confirmed that a ransomware attack from an unnamed gang took place in May. Vulnerabilities from their third-party service provider led to the data breach. According to an announcement via the University’s website, Blackbaud, one of the world’s largest customer relationship management systems for sectors such as the education, confirmed that the cybercriminals managed to extract copies of staff, alumni, and student records. The university clarified that no sensitive information, such as banking details or login credentials, were stolen by the gang. Overall, the hackers captured basic info like names, date birth dates, addresses, contact details, …
Blockchain / July 22, 2020
California University Pays Million-Dollar Crypto Ransom
The University of California at San Francisco School of Medicine reportedly paid a $1.14 million ransom in cryptocurrencies to the hackers behind a ransomware attack on June 1. According to CBS San Francisco, the UCSF IT staff first detected the security incident, stating that the attack launched by NetWalker group affected “a limited number of servers in the School of Medicine.” Although the areas were isolated by experts from the internal network, the hackers left the servers inaccessible and managed to deploy the ransomware successfully. A statement published by the University of California said: “The data that was encrypted is …
Technology / June 30, 2020
LG and Mitsubishi Hit by Ransomware Attacks, Data Leak ‘Coming Soon’
Two ransomware gangs reportedly attacked the electronics giant, LG, and Japanese multinational car manufacturer, Mitsubishi. The hackers are now threatening both companies with data leaks. Screenshots posted to the gang’s blog show several files, as well as source code from the attack. No official statement from LG yet As of press time, the electronics giant has not addressed the incident officially. A statement from the ransomware gang alleges that the hackers managed to steal over 40GB of source code from the manufacturer. However, Brett Callow, threat analyst and ransomware expert at malware lab Emsisoft, stated that the alleged proofs don’t …
Technology / June 26, 2020