EXECUTIVE SUMMARY:
These players are staying on their toes. A cyber attack has hit an NBA team; one of the 30 teams included in the USA’s National Basketball Association. Forensics investigators hired by the Houston Rockets are collaborating with the FBI to detangle the exact nature and full extent of the security event.
Doing so may prove difficult. An initial report indicates that an attacker attempted to place ransomware on the basketball franchise’s computer systems. In terms of large-scale wins, the hacker proved unsuccessful. Minor damage may or may not have occurred.
“The Rockets organization recently detected suspicious activity on certain systems in its internal network. We immediately launched an investigation,” says the team’s spokesperson, Tracey Hughes.
Cyber intrusion prevention technologies effectively reduced the degree of destruction caused by the attack. “Our internal security tools prevented ransomware from being installed except for a few systems that have not impacted our operations,” reported the Rockets. “While this investigation is ongoing, the incident has had no impact to our operations or our ability to take care of our fans, employees, and players.”
The investigation remains in full-swing, but early forensics reports indicate that no sensitive data appears to have escaped from the system, according to InfoSecurity Magazine.
Bloomberg reported that 500 gigabytes of data has gone missing. It appears to have included team-related financial data, non-disclosure agreements and contract information. The Babuk group is allegedly behind the attack.
Does victory require payment in advance? The criminal crew released a message on its dark webpage saying that the stolen data would not be returned unless a ransom were paid. The text also noted that failure to pay would lead to a data leak. Information would be released onto the public internet. However, these last few lines of text were later deleted.
The Houston Rockets report that, should the investigation indicate theft of personal data, any affected persons will receive notice.
For more on this story, visit InfoSecurity Magazine.
