back to article NASCAR team red-flagged by ransomware attack

NASCAR, America's favorite no-right-turn racing format, has joined the growing ranks of people hit by, and paying out to fix, ransomware. The Circle Sport – Leavine Family Racing (CSLFR) has admitted paying off ransomware runners after one of its main test computers got infected with Truecrypt malware. The laptop was quickly …

  1. This post has been deleted by its author

  2. Anonymous Coward
    Anonymous Coward

    >NASCAR, America's favorite no-right-turn racing format,

    Its still largely a regional sport (especially since the recession, and the France grandson taking over being a retard). Still with Tony George being an even bigger retard (AJ Foyt with the assist) and destroying open wheel racing (including circuit left turn only) in the US I guess its true. As for the IT angle well I sure do enjoy the occasion NASCAR video racing griefer video. Ex prison hillbillies do say some crazy stuff in a rage hehe.

    1. a_yank_lurker

      @AC - NASCAR has its origins with moonshiners try to outrun the law in the South. Given the "good-ole-boy" background, if does not have anything to do with cars they are pretty much below clueless.

      1. Anonymous Coward
        Anonymous Coward

        preaching to choir

        Trust me, growing up in rural flyover country with hick relatives (and even a Dad) who used to watch that sh1t so long ago that they didn't show the whole race on Wide World of Sports I know exactly what Nascar and its even more hillbilly midwest cousin World of Outlaws sprint cars (what we watched live) are all about.

        1. Destroy All Monsters Silver badge
          Windows

          Re: preaching to choir

          What's wrong with you elitist fa**ots? Sounds like good fun with mecha, definitely more than association football. Or any football for that matter.

          1. Anonymous Coward
            Anonymous Coward

            Re: preaching to choir

            Who said anything about soccer? I wouldn't use derogatory sexual slang about it or its players but hardly going to defend it and its grab your leg flopping. If you thought I was some Euro you should have went after F1 or something (even lamer racing). Don't know, racing like most all sports (just yet more business wrapped in circus bow) just bores me these days, elitism aside.

            1. Anonymous Coward
              Anonymous Coward

              Re: preaching to choir

              "fa**ot"..... If you thought I was some Euro you should have...

              Err, I say you colonials! Could you pipe down for a while?

              1. Anonymous Coward
                Anonymous Coward

                Re: preaching to choir

                fa**ot hasn't be used to denote certain members of the "LGBT community" for some time now. I think the late 90s or so.

              2. Anonymous Coward
                Anonymous Coward

                Re: preaching to choir

                >Err, I say you colonials! Could you pipe down for a while?

                If only we were as wise politically as the UK, sorry I mean now just England. Still barbs aside hopefully Brexit buyers remorse will make some think twice about Trump as a protest vote.

  3. Mark 85

    Sounds like no one has heard of the words: "back up"? Although in NASCAR parlance, if you said that, they'd think you want go in reverse.

    1. The Nazz

      re Backup

      Call me what you will, but an image of Deliverance entered my mind.

      1. Paul Crawford Silver badge

        Re: re Backup

        Squeal like a piggy boy, squeal like a piggy that ain't got no back-up copies! Squee! Squee!

  4. Herby

    When...

    Will someone exercise their 2nd amendment rights to those at the other end of the wire? Law enforcement should be "on top" of this and get cracking.

    Maybe when something like this infects a network at some big country capital will they start to so something!

    1. JosephEngels

      Re: When...

      No, there has been some gross negligence here, but it is not on the part of law enforcement failing to stop these people ...

      If the data is valuable, BACK IT UP. Jeezus, even (paid for) Dropbox will save you from this, just roll it back.

      1. Anonymous Coward
        Anonymous Coward

        Re: When...

        If the data is valuable, BACK IT UP.

        And then back it up to another device as well after you have checked it!

    2. Crazy Operations Guy

      "Will someone exercise their 2nd amendment rights"

      The second amendment in no way give anyone permission to shoot another person. It just allows you to posses a firearm. Beside, no one really knows who the people running the ransom-ware actually are. The ransom-ware is distributed by bots operated by anonymous folk renting out their botnets who have had almost zero contact with the person actually running the ransomware (And even then, its just a username and some compromised bank account). On the other side, the money gets pushed through a couple layers worth of compromised and numbered accounts by anonymous money mules. In most cases, that money is then used to pay for botnets to produce fake clicks on advertisements to generate 'affiliate revenue' for websites the ransomware operators may own.

      My point is, the ransomware folk know what they are doing and have built in many many layers of defense into their operations. Some of the more sophisticated ransomware operators have operations so complicated and difficult to pierce they make the CIA look like a couple of toddlers trying to trick their parents by speaking in pig latin.

  5. stizzleswick

    No backup, no commiseration.

    'nuff said.

    1. paulc

      Re: No backup, no commiseration.

      they were 'backing up' to dropbox but the infected laptop was overwriting good files in dropbox with encrypted ones

      1. Paul Crawford Silver badge

        Re: No backup, no commiseration.

        I thought Dropbox provided snapshots? What went wrong with that?

        1. Sorry that handle is already taken. Silver badge

          Re: No backup, no commiseration.

          Maybe they were using a free Dropbox account?

  6. Mike 125

    TeslaCrypt

    >>Leavine Family Racing (CSLFR) has admitted paying off ransomware runners after one of its main test computers got infected with Truecrypt malware.

    That's TeslaCrypt, not Truecrypt.

  7. Franklin

    "The data that they were threatening to take from us was priceless, we couldn't go one day without it greatly impacting the team's future success. What we did know was that if we didn't get the files back, we would lose years' worth of work, millions of dollars. However, we can't be arsed to go to Costco and spend $40 on a backup drive, or even keep our files on a USB stick."

    There, FTFY.

  8. chivo243 Silver badge

    There is no going backwards

    or making back-ups in NASCAR?

    1. Anonymous Coward
      Anonymous Coward

      Re: There is no going backwards

      Only going forward 'cause they can't find reverse?

  9. chivo243 Silver badge
    Headmaster

    to be fair

    I wonder how many F1 teams have a proper backup in place?

    1. Blofeld's Cat
      Facepalm

      Re: to be fair

      A former colleague went working for one major F1 team and they were air-gapping everything long before it became fashionable.

      Nothing on the R&D side had any direct connection to the outside world and production software was kept away from development areas. Their race-day hardware was also completely locked down and triplicated.

      Their primary concern was keeping confidential information away from other teams, but the systems they put in place would have laughed off malware attacks.

      1. chivo243 Silver badge

        Re: to be fair

        Triplicated, cool! Like the mechanic in Mad Max said "speed is just a matter of money, how fast do you want to go?"

  10. Uberseehandel

    TeslaCrypt (not TrueCrypt) malware

    Allegedly, in May the developers of TeslaCrypt publicly released the master decryption key. I wonder when the events described occurred.

    I was vaguely surprised that anything more technical than schedules were on the laptop. And possibly some setup data. In my experience normal paranoia causes race teams to back up this kind of data and it won't just be on one machine. This team were exceptional in exposing themselves to a single point of failure.

  11. heenow
    Alert

    No-right-turn racing?

    Tune in for tomorrow's Sonoma race at 1900 GMT.

  12. Unicornpiss
    Meh

    Perspective..

    You can say "yee--haw" at the idea of NASCAR, and not doing timely backups, but having worked for a company that occasionally does in-vehicle testing with laptops, I have been called upon to recover data from a failing hard drive, data that would have required the somewhat expensive and definitely time-consuming repetition of a series of tests, including the recreation and installation of a prototype. This machine was 'fresh' out of a vehicle after several days of testing. IMHO, this could very well be a similar situation as experienced by the NASCAR team, albeit from entropy and not malware. Backups are normally done, but sometimes disaster strikes before a scheduled backup can take place, in special circumstances.

    IMHO this is just a criminal act the same as if someone had pried open a back door of their facility and made off with tools or equipment, requiring the hassle of replacement and revamping of physical security. Unfortunately physical security issues are a lot easy to spot by non-IT folks than the abstract vulnerabilities of an electronic device.

    1. tom dial Silver badge

      Re: Perspective..

      With an appropriate backup scheme it is hard to see them losing more than a day's worth of data.

      "[W]e would lose years' worth of work, millions of dollars" reeks of slackness. Criminal act, for sure, yet so easily mitigated down to relative insignificance.

  13. Jim Oase

    Hey gang, what time is it?

    Hey gang, what time is it?

    For those of a certain age its Howdy Dowdy time.

    Times have changed but one thing is constant, people are greedy with the minimum amount of morals, ethics and virtues to have enough character to keep themselves out of jail. Is the cure for keeping personal privacy better security or an education system that teaches character building?

    A better education system will not cure the whole world, it will make it easier to recognize people with low standards, society will naturally shun them.

    In small communities today doors are rarely locked or need to be. A better security system will keep the door locked for a few days. Then the security company will return with an upgrade and the protection racket makes another cycle.

    Everyone can learn character building starting at a very young age while living their dreams. Few people have the time, motivation or skills to learn computer security and still live their dreams.

    Name all the courses in your K-12 school that teach character building? You can probably write then all on the head of pin.

  14. Anonymous Coward
    Anonymous Coward

    Secrets? What secrets?

    1. Go as fast as you can

    2. Turn, left, left, left, left.

    1. Anonymous Coward
      Anonymous Coward

      Re: Secrets? What secrets?

      And if you ain't first, you're last.

  15. Crazy Operations Guy

    CD-R's/DVD-R's are so very cheap nowadays

    The local office supply store sells 50-packs of DVD-R / 4.7 GB disc for $10. Writable 25 GB Blu-ray are about $1 per disk, the 50 GB ones are around $1.50 each in the larger packs.

    For that price, it's stupid not to keep a copy of your important files on them. Yeah, they're single-use, but they are impervious to ransomware or anything else that attempts to encrypt or delete your data. A single 25 GB BD-R is more than enough to hold my important data, and a large portion of my unimportant stuff. I spend, maybe, $60 a year to backup my data, with the benefit of having weekly snapshots and an indestructible copy (from a software perspective, physically the things are a little delicate but I hardly handle them after they are tested).

    1. Unicornpiss
      Happy

      Re: CD-R's/DVD-R's are so very cheap nowadays

      What machine these days even comes with a CD-ROM drive? But I'm not disagreeing with you. It's human nature though to put off things that are necessary, whether it's mowing the lawn, changing the battery in the smoke detector, getting that corpse out of the trunk, or backing up data.

      1. Crazy Operations Guy

        Re: CD-R's/DVD-R's are so very cheap nowadays

        I use an external USB-based Blu-Ray burning drive for my backups. Picked it up for just under $100 a few months ago, bought a new one for $75 last week so I can test my backups now that I am using 50 GB discs, which my old testing drive didn't support.

        External USB-based DVD-RW drives with all the bells and whistles are only $25-30 for the name-brand versions.

  16. Anonymous Coward
    Anonymous Coward

    Ransomware malware on computers ..

    Nothing to see here, Windows only I presume, moving right along ..

    1. Crazy Operations Guy

      Re: Ransomware malware on computers ..

      There are Linux, android and cross-platform variants out in the wild:

      http://www.theregister.co.uk/2015/11/09/ransomware_targeting_linux_charging_bitcoin/

      http://www.theregister.co.uk/2016/06/13/android_ransomware_infects_tvs/

      http://www.theregister.co.uk/2016/06/20/ransomware_scum_build_weapon_from_javascript/

  17. Leeroy

    Millions !

    What we did know was that if we didn't get the files back, we would lose years' worth of work, millions of dollars."

    A nice tape drive can be had for about £1K, fireproof safe £500 and a monkey to swap them over is essentially free. Maybe next time eh.

  18. 404

    Midget Porn*

    So many levels of stupid here:

    No backups.

    Surfing internet on company machine.

    Only one copy of data? No other machines, no thumb drives, no external drives? Really?

    Great social engineering business plan because victim is not going to admit to whatever they were doing at the time of infection. Never in a million years, using the I didn't do nuffin' defense, while paying for the ransom, the cleanup, and the hardening(ha!) of network defenses.

    Until next time, when IT provides you, your supervisor, and HR a screenshot of you watching midget wrestling again.

    *Used to be my standard answer to the 'What happened to the network/server/workstation?' until a few weeks ago. I learned from UPS Worldwide software tech support, based in Las Vegas, Nevada, that there was indeed midget porn and they were having a midget porn star convention at the Hustler Hotel that very weekend... <speechless> umm, I have questions...

  19. Hubert Thrunge Jr.
    Thumb Up

    The Sonoma road course race shown here in Blighty last night was excellent, puts our shopping car racing to shame (BTCC). As for technology, NASCAR is partly 1950s agricultural, partly bang up to date bleeding edge. Turning left (for most of the races) is so easy that ex-F1 drivers have dominated the sport... oh wait, they haven't... then again NASCAR drivers haven't done the reverse. Agreed about the fool France, though they seem to have woken up this year and improved the racing by reducing the downforce.

  20. Jay 2

    I can't say I'm a huge fan of NASCAR given things like almost always (literally) going round in circles/ovals and their previous idea of having all the cars having the same bodyshell (that has no reference to an acual road car) or buggering about with who knows what in order to improve "the show".

    However there is most definately an art (if not a science) of going round in circles/ovals without hitting anything or anyone else (unless deliberate). So I have some grudging respect for drivers in the three tiers of NASCAR. As Hubert aludes to above many a driver with experience of another series (be it F1, IndyCar/IRL/CART, BTCC/ETCC/WTCC, DTM, etc) has gone to play in NASCAR, and whilst there has been a few respectable results very few have been long-term successful (in terms of wins/championship runs over several seasons).

  21. Aodhhan

    Really... ignorant about NASCAR?

    Let's see, a NASCAR originating team (Chip-Gannasi) just won LeMans using a Ford. Which hasn't been in the race for 40 years; kicking Farrari's arse with ease. Other endurance drivers which have been winners (Corvette teams) also race in NASCAR. Such as Dale Earnhardt Jr.

    F1 Racing.. really? You know who will win the race by the 3rd lap. I see more passing in the hallways of a retirement home. Not to mention the yellow flag rules in Europe, don't exactly make things exciting.

    NASCAR isn't regional. It's followed all over North America, Australia and a few other regional countries.

    American owned racing teams or drivers are at the top of quite a few racing leagues. Even those which run all over Europe. Including rally cross.

    Finally, it isn't just a NASCAR team which can be ignorant to computer security. Many corporations throughout the world fall victim to this without backups.

    It doesn't take a genius to yell out "NO backups, stupid?". So really.

    1. Baldy50

      Re: Really... ignorant about NASCAR?

      Big NASCAR fan, Greyhounds too.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like