PGA Championship & Ryder Cup Hackers Demand Bitcoin Ransom

On August 8, 2018, Golfweek reported that online hackers hijacked the PGA of America’s computer servers. The attack blocked access to files related to last PGA Championship and the upcoming Ryder Cup in France.

The hack was first detected when workers were attempting to work on the servers and were instead greeted by a message informing them that their network has been penetrated and that all files in the network have been encrypted “with a strong algorithm.”

Typical of malware attacks, the workers were warned that any attempt to break the encryption would lead to “the impossibility of recovery of certain files.” “We exclusively have decryption software for your situation,” the message warned. “No decryption software is available in the public.”

While the message did not specify the ransom amount, it included a Bitcoin wallet number. Bitcoin wallets are not linked to any particular person or entity, meaning that they cannot be used to identify suspects.

The hackers even offered to decrypt two files to prove their honest intentions.

What Was Hijacked?

The files contained creative materials, including promotional banners and logos used in digital and print communications and on digital signage around the grounds at Bellerive Golf Course, the grounds for the PGA Championship. There were also files of logos for future PGA Championships. “Some of the work began more than a year ago and cannot be easily replicated,” the report said.

The report also quotes a source from the PGA of America saying that they do not intend to meet any demands. Meanwhile, their IT team is working on addressing the issue but had not yet regained complete control of the files, nor identified the source of the hacking as of Wednesday.