NASCAR Team Finds Out How Scary Ransomware Is

Article by George Norman (Cybersecurity Editor)

on 27 Jun 2016

Imagine this scenario if you will. You have a project due and you’re working hard on it, saving all the project-related data on your computer. A couple of days before the due date, you find out that something’s gone wrong and you’re locked out, unable to access the project. A sinking feeling comes over you. You’re scared that unless you can make things right again, you’re pretty much screwed.

That’s what happens when your computer gets infected with ransomware. Once it infects your computer, it uses encryption to lock files, and then asks you to pay to get the key to unlock your files. So basically, it takes your data hostage, locks you out, and tells you that if you want to get your data back, you have to pay a ransom – hence the name ransomware.

Ransomware can strike anytime and anywhere

Circle Sport-Leavine Family Racing (CSLFR), a NASCAR racing team fielding the No. 95 in the Sprint Cup Series, recently fell victim to a ransomware attack, Malwarebytes reports.

The ransomware in question – TeslaCrypt. The data that was taken hostage – personnel information, data from test facilities, and track data from races. Data valued at some $2 million dollars, data that would take some 1,5000 man-hours to recreate. Definitely not something that you’d want to lose!

"Just knowing that we could lose everything that we had worked so hard to achieve was terrifying," said Dave Winston, NASCAR Sprint Cup Series Crew Chief. "The data that they were threatening to take from us was priceless, we couldn’t go one day without it greatly impacting the team’s future success. This was a completely foreign experience for all of us, and we had no idea what to do. What we did know was that if we didn’t get the files back, we would lose years worth of work valued at millions of dollars."


Don’t pay the ransom! Don’t ever pay the ransom!

When ransomware takes important data hostage, your first thought is to pay the ransom and get it back. You really shouldn’t do that, and here’s why. First, there’s no guarantee that you’ll get your data back. And second, your money will go towards supporting cybercriminals. They’re in it for the money, and if you pay, they get precisely what they want. And once you give them what they want, they'll be back for more.

So what do you think the CSLFR team did? They paid the ransom. Sigh!



And after they paid the rasom, they turned to Malwarebytes to make sure no malware was left behind. By using Malwarebytes Anti-Malware, they managed to eliminate additional instances of malware infection from over 10,000 files.

"Like most companies, we felt we had solid security in place on our digital intelligence with our software and firewalls, but this is a very new threat," said Jeremy Lange, VP at CSLFR. "It’s an area of coverage that you don’t realize you need until it happens to you. We’re lucky that it all worked out and now having this partnership with Malwarebytes, we hope to inform NASCAR fans and the industry of this threat and the solution."

"We are honored to be partnering with CSLFR to emphasize to everyone including the NASCAR community that ransomware is a very real threat," said Marcin Kleczynski, CEO, Malwarebytes. "Companies of all types and sizes can fall victim at any time. Instances of ransomware infection are growing rapidly, and the first step in fighting a disease is protection. We are doing everything we can to help companies like CSLFR and the other Fortune 500 companies in NASCAR to protect and defend themselves from cyber criminals who want to take their incredibly valuable data hostage."


TL;DR? Watch this video!





There’s something fishy about this story

To recap, the CSLFR racing team says they were infected with ransomware, got a good scare out of it, and now they’re using Malwarebytes to stay safe. There are a couple of things that bother me about this whole story.

1. Wasn’t their data backed up? When you have "years worth of work valued at millions of dollars," you might want to back it up to protect it against this type of thing!

2. CSLFR Operation Manager Michael Leavine says in the video above that "the only one that has any sort of protection against ransomware is Malwarebytes." Is it really? I highly doubt it! With ransomware attacks on the rise, any security company that’s worth its salt offers protection against this type of threat.



Latest News


Sony's 'Attack of the Blockbusters Sale' Slashes Prices in Half for a Ton of PS4 Games

17 Aug 2017

How Samsung's New T5 Compares to the Old T3 Portable SSD (Infographic)

17 Aug 2017

See all