Slashdot Mirror

← Back to Stories (view on slashdot.org)

NASCAR Team Pays Ransomware Fee To Recover Files Worth $2 Million (softpedia.com)

Posted by BeauHD on from the give-in-to-demands dept.

An anonymous reader writes: "NASCAR team Circle Sport-Leavine Family Racing (CSLFR) revealed today it faced a ransomware infection this past April when it almost lost access to crucial files worth nearly $2 million, containing car parts lists and custom high-profile simulations that would have taken 1,500 man-hours to replicate," reports Softpedia. "The infection took place on the computer belonging to CSLFR's crew chief. Winston's staff detected the infection when encrypted files from Winston's computer began syncing to their joint Dropbox account." It was later discovered that he was infected with the TeslaCrypt ransomware. Because the team had no backups of the crucial data, they eventually paid the ransom (around $500). This happened before TeslaCrypt's authors decided to shut down their operations and release free decryption keys.

28 of 58 comments (clear)

  1. BACKUPS PEOPLE! by thedarb · · Score: 4, Insightful

    SERIOUSLY!

    --
    This sig intentionally left blank.
    1. Re:BACKUPS PEOPLE! by zugmeister · · Score: 4, Insightful

      But... But... There was a backup! The files were on the laptop, and on the cloud (everything's safe and secure in the cloud, just ask a cloud services provider salesman), and on everyone else's computer that used that Dropbox account.

      All snark aside, you wanna know what's really awesome? If just ONE computer that used that Dropbox account had good backups going, they could have restored the whole mess from there. Restore for only $500? They should have offered to take those scammers out to dinner as well.

    2. Re: BACKUPS PEOPLE! by Anonymous Coward · · Score: 4, Insightful

      Or, you know, use revision control that's built into Dropbox

    3. Re:BACKUPS PEOPLE! by vlueboy · · Score: 1

      Stories like this one have been pushing me to back up our thousands of photos before mother gets hit with some cryptoware and we lose it all (one of our neighbors lost it all when her kids got Cryptowalled).

      I'm finally doing something about it, and was just sitting next to the PC watching Youtube to figure out what to do after installing the new 2TB internal drive. I have been scratching my head thinking of something that won't require Cygwin / rsync and will interact with Windows 7 backup files in case I need to use Linux. Since I did pay for my Ultimate upgrade, I'm planning to use it exclusively if push comes to shove, so I'm this close to just sticking the disk in and forgetting about Linux compat. I might just buy a separate disk and do SystemRescueCD images later, if needed be, but my experience says that leads to needless duplication, and I haven't found filesystem agnostic deduplication in OSS.

      Thanks

    4. Re: BACKUPS PEOPLE! by Anonymous Coward · · Score: 1

      I can second this having actually used dropbox revision control to recover documents after they had become corrupted. Dropbox keeps a 30 day record of all your revisions by default even on the most basic plan. Now you can pay extra to get an infinitely long revision history.

    5. Re:BACKUPS PEOPLE! by NotAPK · · Score: 1

      Crashplan.

      It's not perfect, and I'm skeptical of the business behind the operation, but it allows any host to backup to any other host. On top of this it offers encryption, deduplication, and snapshots, though the free version limits you to a daily backup - though that's most enough for most needs.

      Choose your most trusted host, add the 2TB drive to that computer, install Crashplan, configure the inbound backups and point the software at the external drive.

      Now from the rest of the hosts, choose to backup to the trusted host.

      This may not do 100% of what you want, but I'd recommend looking into it. With some massaging you should be able to get what you want. The best feature is teaming up with a friend: let them backup to your house, and you backup to theirs. Simple.

    6. Re:BACKUPS PEOPLE! by JeffOwl · · Score: 1

      For reasons that are all to obvious right now you are probably realizing that having that as your only backup is not a great idea. Sure, what you have is probably better than most, but if you really care about your data you need to periodically backup to something that isn't on-line whenever your computer is on.

  2. Because the team had no backups of the crucial dat by Anonymous Coward · · Score: 1

    > Because the team had no backups of the crucial data ... Worth $2 Million

    Idiots. Absolute morons.

    What would happen if that laptop got stolen? Or dropped. Or rained on. Or run over? Or caught fire? Or corrupted. Or just plain files deleted by accident?

    I have no sympathy for data loss when there was no backup. If it's not important enough to have a back-up, then it wasnt important.

  3. Re:Hey, dummies by Man+On+Pink+Corner · · Score: 2, Insightful

    Or Dropbox's "packrat" option? Yeah, good luck encrypting that.

  4. Re:Because the team had no backups of the crucial by Anonymous Coward · · Score: 5, Funny

    They can only turn left. What do you expect?

  5. This shows the need for Backups by MpVpRb · · Score: 1

    Computer hardware can, and will, fail..often at the worst possible time

    Anybody who cares about their data should have backup. Multiple layers of backup, some offsite (I know I do)

    Then, ransomware attack = hardware failure..annoying, but recoverable

  6. I want that Job!! by Anonymous Coward · · Score: 1

    $2,000,000 / 1,500 = 1,333.33 Per Hour. That is CEO Money!!!

  7. No Reverse Gear. by zenlessyank · · Score: 5, Funny

    So no backing up!!

  8. And now they all run *nix. by Anonymous Coward · · Score: 1

    Like duh?

  9. *facepalm* by mentil · · Score: 1

    crucial files worth nearly $2 million

    would have taken 1,500 man-hours to replicate

    the team had no backups of the crucial data

    *facepalm*
    I expect the ransomware market to explode in the near future as more stories like this come out. Expect self-aware malware that asks for more money if the data is more important.

    --
    Corruption is convincing someone that the selfless ideal is the same as their selfish ideal.
  10. Re:Real Source by Anonymous Coward · · Score: 1

    Forbes is based on this: http://www.cslfr95.com/news/?c...

  11. NASCAR: we R 2 dumb by JustAnotherOldGuy · · Score: 4, Insightful

    "Because the team had no backups of the crucial data..."

    (sigh) Seems like someone at the NASCAR IT department needs adult supervision.

    --
    Just cruising through this digital world at 33 1/3 rpm...
  12. Idiots... by wbr1 · · Score: 1
    One.. no proper backup plan.

    Two... dropbox keeps revisions. They didn't have to pay most likely.

    --
    Silence is a state of mime.
  13. Re:Hey, dummies by mlts · · Score: 1

    There are many ransomware-resistant solutions:

    1: Pull backups. NetBackup, Veeam, and many others come to mind.
    2: EMC Isilons offer SmartLock functionality that can be set to prevention deletion for everyone out but root on the physical Isilon console.
    3: My little two drive NAS offers snapshots and backups to a USB hard drive. Malware can pop the current time, but just cd-ing to a directory to "#snapshot" and fetching the files is nice.
    4: Amazon Glacier offers vault locks that once set after 24 hours, cannot be removed, even by the AWS owner. Set a WORM policy of 30-180 days, daily backups to that, call it done.
    5: Good old fashioned tape drives. WORM cartridges are not expensive, although the drive unit is pretty pricy.

    Is it the norm these days for backups to not be done, or people assume that RAID constitute as backups?

  14. *sigh* by Gravis+Zero · · Score: 1

    With all these idiots paying out ransoms and nobody getting caught, I feel like I went into the wrong line of work! It's depressing how dumb people can be when it comes to computers.

    --
    Anons need not reply. Questions end with a question mark.
  15. They didn't face a "ransomware infection" by gavron · · Score: 1

    Let's face it. We can either help other people not end up like these people, or we can gloat.

    In the interest of helping:
    1. Install the anti-malware software BEFORE you get pwn3d. Sure, it won't help against zero-day exploits, but it will defeat the other 99%.

    2. Don't user your critical data server as a web-browser or email client. Period.

    3. Use a rolling OFFLINE backup strategy so you maintain multiple OFFLINE backups of your critical data so you can restore to yesterday, last week, two weeks ago, etc.

    4. Use a revision control system (RCS) so that when 150,000 files change, instead of checking in the changed files it freezes things and alerts you.

    5. The number one mistake: Overconfidence, ego, and hubris. If you're a NASCAR team and can afford a guy to check tire temperatures at every pit stop, for FUCK'S SAKE HIRE AN IT GUY to set up your simulation server... instead of having it be on some idiot's laptop who surfs the web and gets infected. Sure, we don't want to blame the victim, but see points 1-4 above. This is exactly the same as every hospital that gets infected... every police department that gets infected... etc. The same incompetence, lack of understanding of the problem, lack of mitigation, and finally the ego.

    Ehud Gavron
    Tucson AZ

    1. Re: They didn't face a "ransomware infection" by pinkushun · · Score: 1

      Translated into a well placed car analogy: Always have a backup car.

  16. Re:Because the team had no backups of the crucial by Imrik · · Score: 1

    They would have restored the files from the Dropbox account, it's not that there were no backups, it's that the backups were updated to be encrypted as well.

  17. Re:Because the team had no backups of the crucial by phantomfive · · Score: 2

    Yeah, they were lucky that these files only got encrypted, which means they could get them back.

    --
    "First they came for the slanderers and i said nothing."
  18. Re:Because the team had no backups of the crucial by phantomfive · · Score: 1

    Mirroring is not backup, not at all.

    --
    "First they came for the slanderers and i said nothing."
  19. Re:Hey, dummies by phantomfive · · Score: 2

    Git was kind of designed (partly) to solve the backup problem......

    --
    "First they came for the slanderers and i said nothing."
  20. Re:Hey, dummies by mlts · · Score: 1

    The ironic thing is that Windows servers have one of the easiest to use and most workable backup programs, wbadmin. From there, there is Veeam, and if one wants to stay in the MS ecosystem, there is MS DPM.

    I would say part of the blame is that there is so much pressure to get stuff up and running, that stuff like security and backups fall to the wayside. For example, part of the cost in setting up a VMWare farm should be Veeam. However, backups tend to be ignored.

    I'm sort of reminded of how people actually started practicing security when MS-DOS viruses started not just erasing hard disks, but zapping BIOS firmware and throwing monitors bogus refresh rates in order to have them fry. When hardware started getting destroyed, people started paying attention. I wonder how long it will take for the same thing to happen, once ransomware starts taking advantage of user permissions on the domain/tree/forest level and spreading via AD.

  21. Will they learn? by ebvwfbw · · Score: 1

    Have to wonder, now do they backup their stuff? Then, how long will they do that if they are. 3 months, 9 mo, year... Then why bother. Whammo!