Lessons Learned from the NASCAR Team Ransomware Attack
Circle Sport-Leavine Family Racing, a NASCAR racing team, was victimized by ransomware early on in the 2016 racing season. Their crew chief said that the data held for ransom was worth millions of dollars and that it would’ve taken about 1,500 man-hours to recreate the data. Under the gun, with another race just days away the team decided to pay the Bitcoin ransom.
Photo credit: By Casey24836 - http://www.flickr.com/photos/chayes24836/6110686634/, CC BY-SA 2.0, https://commons.wikimedia.org/w/index.php?curid=20044074
Fortunately, they received the key to decrypt their data, which doesn’t always happen. Concerned that malware might still be hiding on their systems the team contacted Malwarebytes for professional help. Malwarebytes found an additional 10,000 contaminated files and remediated them. Here are a few takeaways from this ransomware attack.
Ransomware is Indiscriminate
Attack vectors like malvertising and email spoofing seek to spread far and wide by infecting whatever systems they happen to land on. Ransomware doesn’t care whether you’re a member of a NASCAR team, the CEO of a Fortune 500 company, or the shop assistant at a Mom & Pop flower shop. Cybercriminals in this case just want to be paid.
The Importance of Security Software
Make sure that your security software is up to the task. The threats to your cybersecurity are evolving daily and so should your solution. Having capable security software running on your devices is a strong initial defense against malware and, in turn, ransomware. Malware knows no bounds in regards to platform or operating system so make sure to consider all your connected devices when choosing and installing security software. The team may have been running security software but clearly it wasn’t good enough.
The Importance of Backup, Security Incident Response Plans, and Business Continuity
If the team had a plan in place to deal with this kind of threat, and its aftermath, then it too wasn’t up to the task as it wouldn't have taken about 1,500 man-hours to recreate the data that was encrypted. Here are three things you can do to defend your organization:
- Have restorable backups
- Have a security incident response plan that you practice
- Have a business continuity plan that accounts for mass data loss
Thanks to the Circle Sport-Leavine Family Racing team for sharing their ransomware survival story. As you can see, ransomware is everywhere, we’re all potential targets, you can protect yourself, and in the event something does happen you can minimize the damage.
If you want help with your organization’s cybersecurity posture give us a call. We can perform a no-cost security study to make you safer today.