400 Bitcoin Ransom: What Happened When a UK Football Club Refused to Pay It

According to a 28-page report (titled: “The Cyber Threat to Sports Organisations”) published yesterday (July 23) by the UK’s National Cyber Security Centre, ransomware is a significant issue for sports organizations.

The NCSC, which was launched in October 2016, has “headquarters in London and brought together expertise from CESG (the information assurance arm of GCHQ), the Centre for Cyber Assessment, CERT-UK, and the Centre for Protection of National Infrastructure.”

It acts as “a single point of contact for SMEs, larger organisations, government agencies, the general public and departments,” and works “with other law enforcement, defence, the UK’s intelligence and security agencies and international partners.”

One example of a ransomware attack cited by the NCSC is an English Football League (EFL) club that is not named in the report. Apparently, the  hackers had demanded a 400 bitcoin ransom, which the owners of the club refused to pay.

The hackers then took revenge by encrypting the club’s “end user devices.” Furthermore, some of the club’s servers were also encrypted, which meant that the club was not able to use corporate email.

Although It is not clear what attack vector was used, the NCSC suspects that the initial infection was the result of either a phishing scam or a remote hacking of the club’s CCTV system.

Since all the systems at the stadium were on one network, the infection was able to spread quickly. It is estimated that this football club lost several hundred thousand British pounds.

After the club repaired its IT systems, it made the following conclusions:

  • There had been two little focus on security.
  • They should have segmented their networks to make it more difficult for an attack to affect multiple systems.
  • They had neither prepared any kind of emergency response plan nor had done any training exercizes on how to deal with this kind of situation.
  • They had invested too little in cybersecurity.

The club now has a new IT manager, and they have updated their systems and workflows to minimize potential damage from any future attacks.

The MCSC report goes on to say that such cyber attacks are quite common against sports organizations in the UK. Among those organizations surveyed, 70% had experienced at least one attack per year.

Featured Image by “geralt” via Pixabay.com

 

Join Geezgo for free. Use Geezgo’s end-to-end encrypted Chat with your Closenets (friends, relatives, colleague etc) in personalized ways.>>
Did you enjoy this post? Please comment below:

  • Bitcoin
  • Ethereum
  • Litecoin
  • Zcash
Scan to Donate Bitcoin to bc1qcc3xajxvdqjnx2f7j7sfcfun7jagr0nh94fa2e

Donate Bitcoin to this address

Scan the QR code or copy the address below into your wallet to send some Bitcoin

Scan to Donate Ethereum to 0x704671D7591d05Dd0790E86Aee964558E9347b07

Donate Ethereum to this address

Scan the QR code or copy the address below into your wallet to send some Ethereum

Scan to Donate Litecoin to ltc1q7tj9ydra9ylkelu42vypp6cu2v0msf5lc2p5mq

Donate Litecoin to this address

Scan the QR code or copy the address below into your wallet to send some Litecoin

Scan to Donate Zcash to t1LiPaQ7gsSL23FbjXswpSoguP6yAE1xj5B

Donate Zcash to this address

Scan the QR code or copy the address below into your wallet to send some Zcash

 144 

You may also like...

Leave a Reply

Your email address will not be published. Required fields are marked *