In a ransomware attack this week, PGA of America computers were infected this week with a strain of malicious software that locked down critical files and demanded cryptocurrency for their return.
Administrators discovered that servers had been targeted in the ransomware attack that restricted them from obtaining access to material relating to major golf tournaments, including this week’s PGA Championship at Bellerive Country Club.
Golfweek reported, “Some signage had been in development for over a year and could not be reproduced quickly.”
The extortion threat demanded the transfer of bitcoin to the hackers with an end result of losing files as an alternative.
“Your network has been penetrated. All files on each host in the network have been encrypted with a strong algorithm (sic),” a ransom read. “Backups were either encrypted or deleted or backup disks were formatted.”
The note claimed shutting down the system may damage files.
The notice included a bitcoin wallet number and a warning that there was no way to get access to the files without a decryption key. The hackers that said they would prove their “honest intentions” to the PGA of America by unlocking two files free-of-charge.
An anonymous source revealed to Golfweek that officials had no intention of paying the ransom demand, following the advice of most law enforcement officials and cybersecurity experts.
The network remained locked on Wednesday and external researchers are still investigating.
The golfing association did not reveal what ransomware infected its computers. However, tech website Bleeping Computer found the demand matched the BitPaymer variant. Researcher Lawrence Abrams said one previous extortion scheme asked for 53 bitcoins, equivalent to $335,000.