Representatives of the Circle Sport-Leavine Family Racing team revealed that a ransomware scheme targeted the team’s IT infrastructure last spring. The data put at risk was estimated by crew chief Dave Winston to be worth upwards of $2 million. However, the hackers only demanded a ransom of $500 to release the stolen data.
Winston was alerted to the presence of malware when a pop up notification on his computer informed him that all the data on the racing team’s 10-computer network had been encrypted by a third party. This data included information about employees, the cars in the racing fleet, the tracks where races were held, and the competing drivers.
Initially, Winston and his team were unaware of the frequency and consequences of ransomware attacks. The team’s computer network had only minimal security measures in place, and little thought was paid to data security.
After researching ransomware and debating a response, decision makers on the team decided to pay the ransom. Using a Bitcoin ATM, $500 was released to the hackers. A day later the hackers released an encryption key.
Still lacking much cyber security expertise, the team was unable to get the key to work initially. They reached out to the dedicated IT team at Richard Childress Racing who were able to successfully input the encryption key and unlock the data.
Ultimately, the cost of the ransom relative to the value of the information was fairly small. But the attack reveals several troubling facts about the current use of ransomware. First, all data is vulnerable and potentially valuable, even if it has little discernible currency on the open market. In this incidence, few people would be interested in buying highly specific technical racing data. In order to reproduce it, however, the racing team estimated it would have to spend 1,500 man hours, creating a powerful incentive to pay the ransom.
The attack also underscores the growing frequency and creativity of ransomware attacks. Internet security firm Malwarebytes estimate that instances of ransomware attacks have increased by 44% in just the last six months. The technology behind these attacks is relatively unsophisticated but has proved to be consistently successful at exploiting money from victims.
The Circle Sport-Leavine Family Racing team has been advised to upgrade their cyber defenses, institute comprehensive backup procedures, and standardize security protocols across their network. All users are encouraged to take steps to guard themselves against ransomware, even if the personal digital data they store seems benign.