back to article NASCAR team red-flagged by ransomware attack

NASCAR, America's favorite no-right-turn racing format, has joined the growing ranks of people hit by, and paying out to fix, ransomware. The Circle Sport – Leavine Family Racing (CSLFR) has admitted paying off ransomware runners after one of its main test computers got infected with Truecrypt malware. The laptop was quickly …

This post has been deleted by its author

Anonymous Coward

>NASCAR, America's favorite no-right-turn racing format,

Its still largely a regional sport (especially since the recession, and the France grandson taking over being a retard). Still with Tony George being an even bigger retard (AJ Foyt with the assist) and destroying open wheel racing (including circuit left turn only) in the US I guess its true. As for the IT angle well I sure do enjoy the occasion NASCAR video racing griefer video. Ex prison hillbillies do say some crazy stuff in a rage hehe.

3
0
Silver badge

@AC - NASCAR has its origins with moonshiners try to outrun the law in the South. Given the "good-ole-boy" background, if does not have anything to do with cars they are pretty much below clueless.

3
0
Anonymous Coward

preaching to choir

Trust me, growing up in rural flyover country with hick relatives (and even a Dad) who used to watch that sh1t so long ago that they didn't show the whole race on Wide World of Sports I know exactly what Nascar and its even more hillbilly midwest cousin World of Outlaws sprint cars (what we watched live) are all about.

1
0
Silver badge
Windows

Re: preaching to choir

What's wrong with you elitist fa**ots? Sounds like good fun with mecha, definitely more than association football. Or any football for that matter.

2
6
Anonymous Coward

Re: preaching to choir

Who said anything about soccer? I wouldn't use derogatory sexual slang about it or its players but hardly going to defend it and its grab your leg flopping. If you thought I was some Euro you should have went after F1 or something (even lamer racing). Don't know, racing like most all sports (just yet more business wrapped in circus bow) just bores me these days, elitism aside.

1
1
Anonymous Coward

Re: preaching to choir

"fa**ot"..... If you thought I was some Euro you should have...

Err, I say you colonials! Could you pipe down for a while?

3
0
Anonymous Coward

Re: preaching to choir

fa**ot hasn't be used to denote certain members of the "LGBT community" for some time now. I think the late 90s or so.

2
2
Anonymous Coward

Re: preaching to choir

>Err, I say you colonials! Could you pipe down for a while?

If only we were as wise politically as the UK, sorry I mean now just England. Still barbs aside hopefully Brexit buyers remorse will make some think twice about Trump as a protest vote.

0
1
Silver badge

Sounds like no one has heard of the words: "back up"? Although in NASCAR parlance, if you said that, they'd think you want go in reverse.

7
0
Bronze badge

re Backup

Call me what you will, but an image of Deliverance entered my mind.

7
0
Silver badge

Re: re Backup

Squeal like a piggy boy, squeal like a piggy that ain't got no back-up copies! Squee! Squee!

7
0
Silver badge

When...

Will someone exercise their 2nd amendment rights to those at the other end of the wire? Law enforcement should be "on top" of this and get cracking.

Maybe when something like this infects a network at some big country capital will they start to so something!

0
2

Re: When...

No, there has been some gross negligence here, but it is not on the part of law enforcement failing to stop these people ...

If the data is valuable, BACK IT UP. Jeezus, even (paid for) Dropbox will save you from this, just roll it back.

5
1
Silver badge

Re: When...

If the data is valuable, BACK IT UP.

And then back it up to another device as well after you have checked it!

2
0
Silver badge

"Will someone exercise their 2nd amendment rights"

The second amendment in no way give anyone permission to shoot another person. It just allows you to posses a firearm. Beside, no one really knows who the people running the ransom-ware actually are. The ransom-ware is distributed by bots operated by anonymous folk renting out their botnets who have had almost zero contact with the person actually running the ransomware (And even then, its just a username and some compromised bank account). On the other side, the money gets pushed through a couple layers worth of compromised and numbered accounts by anonymous money mules. In most cases, that money is then used to pay for botnets to produce fake clicks on advertisements to generate 'affiliate revenue' for websites the ransomware operators may own.

My point is, the ransomware folk know what they are doing and have built in many many layers of defense into their operations. Some of the more sophisticated ransomware operators have operations so complicated and difficult to pierce they make the CIA look like a couple of toddlers trying to trick their parents by speaking in pig latin.

2
0

No backup, no commiseration.

'nuff said.

9
1

Re: No backup, no commiseration.

they were 'backing up' to dropbox but the infected laptop was overwriting good files in dropbox with encrypted ones

0
0
Silver badge

Re: No backup, no commiseration.

I thought Dropbox provided snapshots? What went wrong with that?

2
0
Silver badge

Re: No backup, no commiseration.

Maybe they were using a free Dropbox account?

0
0

TeslaCrypt

>>Leavine Family Racing (CSLFR) has admitted paying off ransomware runners after one of its main test computers got infected with Truecrypt malware.

That's TeslaCrypt, not Truecrypt.

5
0

"The data that they were threatening to take from us was priceless, we couldn't go one day without it greatly impacting the team's future success. What we did know was that if we didn't get the files back, we would lose years' worth of work, millions of dollars. However, we can't be arsed to go to Costco and spend $40 on a backup drive, or even keep our files on a USB stick."

There, FTFY.

12
1
Silver badge

There is no going backwards

or making back-ups in NASCAR?

0
0
Anonymous Coward

Re: There is no going backwards

Only going forward 'cause they can't find reverse?

0
0
Silver badge
Headmaster

to be fair

I wonder how many F1 teams have a proper backup in place?

3
0
Silver badge
Facepalm

Re: to be fair

A former colleague went working for one major F1 team and they were air-gapping everything long before it became fashionable.

Nothing on the R&D side had any direct connection to the outside world and production software was kept away from development areas. Their race-day hardware was also completely locked down and triplicated.

Their primary concern was keeping confidential information away from other teams, but the systems they put in place would have laughed off malware attacks.

17
0
Silver badge

Re: to be fair

Triplicated, cool! Like the mechanic in Mad Max said "speed is just a matter of money, how fast do you want to go?"

0
0

TeslaCrypt (not TrueCrypt) malware

Allegedly, in May the developers of TeslaCrypt publicly released the master decryption key. I wonder when the events described occurred.

I was vaguely surprised that anything more technical than schedules were on the laptop. And possibly some setup data. In my experience normal paranoia causes race teams to back up this kind of data and it won't just be on one machine. This team were exceptional in exposing themselves to a single point of failure.

4
0
Alert

No-right-turn racing?

Tune in for tomorrow's Sonoma race at 1900 GMT.

2
0
Silver badge
Meh

Perspective..

You can say "yee--haw" at the idea of NASCAR, and not doing timely backups, but having worked for a company that occasionally does in-vehicle testing with laptops, I have been called upon to recover data from a failing hard drive, data that would have required the somewhat expensive and definitely time-consuming repetition of a series of tests, including the recreation and installation of a prototype. This machine was 'fresh' out of a vehicle after several days of testing. IMHO, this could very well be a similar situation as experienced by the NASCAR team, albeit from entropy and not malware. Backups are normally done, but sometimes disaster strikes before a scheduled backup can take place, in special circumstances.

IMHO this is just a criminal act the same as if someone had pried open a back door of their facility and made off with tools or equipment, requiring the hassle of replacement and revamping of physical security. Unfortunately physical security issues are a lot easy to spot by non-IT folks than the abstract vulnerabilities of an electronic device.

4
1
Silver badge

Re: Perspective..

With an appropriate backup scheme it is hard to see them losing more than a day's worth of data.

"[W]e would lose years' worth of work, millions of dollars" reeks of slackness. Criminal act, for sure, yet so easily mitigated down to relative insignificance.

0
0

Hey gang, what time is it?

Hey gang, what time is it?

For those of a certain age its Howdy Dowdy time.

Times have changed but one thing is constant, people are greedy with the minimum amount of morals, ethics and virtues to have enough character to keep themselves out of jail. Is the cure for keeping personal privacy better security or an education system that teaches character building?

A better education system will not cure the whole world, it will make it easier to recognize people with low standards, society will naturally shun them.

In small communities today doors are rarely locked or need to be. A better security system will keep the door locked for a few days. Then the security company will return with an upgrade and the protection racket makes another cycle.

Everyone can learn character building starting at a very young age while living their dreams. Few people have the time, motivation or skills to learn computer security and still live their dreams.

Name all the courses in your K-12 school that teach character building? You can probably write then all on the head of pin.

0
0
Anonymous Coward

Secrets? What secrets?

1. Go as fast as you can

2. Turn, left, left, left, left.

3
1
Silver badge

Re: Secrets? What secrets?

And if you ain't first, you're last.

0
0
Silver badge

CD-R's/DVD-R's are so very cheap nowadays

The local office supply store sells 50-packs of DVD-R / 4.7 GB disc for $10. Writable 25 GB Blu-ray are about $1 per disk, the 50 GB ones are around $1.50 each in the larger packs.

For that price, it's stupid not to keep a copy of your important files on them. Yeah, they're single-use, but they are impervious to ransomware or anything else that attempts to encrypt or delete your data. A single 25 GB BD-R is more than enough to hold my important data, and a large portion of my unimportant stuff. I spend, maybe, $60 a year to backup my data, with the benefit of having weekly snapshots and an indestructible copy (from a software perspective, physically the things are a little delicate but I hardly handle them after they are tested).

3
0
Silver badge
Happy

Re: CD-R's/DVD-R's are so very cheap nowadays

What machine these days even comes with a CD-ROM drive? But I'm not disagreeing with you. It's human nature though to put off things that are necessary, whether it's mowing the lawn, changing the battery in the smoke detector, getting that corpse out of the trunk, or backing up data.

0
1
Silver badge

Re: CD-R's/DVD-R's are so very cheap nowadays

I use an external USB-based Blu-Ray burning drive for my backups. Picked it up for just under $100 a few months ago, bought a new one for $75 last week so I can test my backups now that I am using 50 GB discs, which my old testing drive didn't support.

External USB-based DVD-RW drives with all the bells and whistles are only $25-30 for the name-brand versions.

1
0
Anonymous Coward

Ransomware malware on computers ..

Nothing to see here, Windows only I presume, moving right along ..

0
2
Silver badge

Re: Ransomware malware on computers ..

There are Linux, android and cross-platform variants out in the wild:

http://www.theregister.co.uk/2015/11/09/ransomware_targeting_linux_charging_bitcoin/

http://www.theregister.co.uk/2016/06/13/android_ransomware_infects_tvs/

http://www.theregister.co.uk/2016/06/20/ransomware_scum_build_weapon_from_javascript/

2
0

Millions !

What we did know was that if we didn't get the files back, we would lose years' worth of work, millions of dollars."

A nice tape drive can be had for about £1K, fireproof safe £500 and a monkey to swap them over is essentially free. Maybe next time eh.

1
0
404
Silver badge

Midget Porn*

So many levels of stupid here:

No backups.

Surfing internet on company machine.

Only one copy of data? No other machines, no thumb drives, no external drives? Really?

Great social engineering business plan because victim is not going to admit to whatever they were doing at the time of infection. Never in a million years, using the I didn't do nuffin' defense, while paying for the ransom, the cleanup, and the hardening(ha!) of network defenses.

Until next time, when IT provides you, your supervisor, and HR a screenshot of you watching midget wrestling again.

*Used to be my standard answer to the 'What happened to the network/server/workstation?' until a few weeks ago. I learned from UPS Worldwide software tech support, based in Las Vegas, Nevada, that there was indeed midget porn and they were having a midget porn star convention at the Hustler Hotel that very weekend... <speechless> umm, I have questions...

3
0
Thumb Up

The Sonoma road course race shown here in Blighty last night was excellent, puts our shopping car racing to shame (BTCC). As for technology, NASCAR is partly 1950s agricultural, partly bang up to date bleeding edge. Turning left (for most of the races) is so easy that ex-F1 drivers have dominated the sport... oh wait, they haven't... then again NASCAR drivers haven't done the reverse. Agreed about the fool France, though they seem to have woken up this year and improved the racing by reducing the downforce.

1
0
Bronze badge

I can't say I'm a huge fan of NASCAR given things like almost always (literally) going round in circles/ovals and their previous idea of having all the cars having the same bodyshell (that has no reference to an acual road car) or buggering about with who knows what in order to improve "the show".

However there is most definately an art (if not a science) of going round in circles/ovals without hitting anything or anyone else (unless deliberate). So I have some grudging respect for drivers in the three tiers of NASCAR. As Hubert aludes to above many a driver with experience of another series (be it F1, IndyCar/IRL/CART, BTCC/ETCC/WTCC, DTM, etc) has gone to play in NASCAR, and whilst there has been a few respectable results very few have been long-term successful (in terms of wins/championship runs over several seasons).

0
0

Really... ignorant about NASCAR?

Let's see, a NASCAR originating team (Chip-Gannasi) just won LeMans using a Ford. Which hasn't been in the race for 40 years; kicking Farrari's arse with ease. Other endurance drivers which have been winners (Corvette teams) also race in NASCAR. Such as Dale Earnhardt Jr.

F1 Racing.. really? You know who will win the race by the 3rd lap. I see more passing in the hallways of a retirement home. Not to mention the yellow flag rules in Europe, don't exactly make things exciting.

NASCAR isn't regional. It's followed all over North America, Australia and a few other regional countries.

American owned racing teams or drivers are at the top of quite a few racing leagues. Even those which run all over Europe. Including rally cross.

Finally, it isn't just a NASCAR team which can be ignorant to computer security. Many corporations throughout the world fall victim to this without backups.

It doesn't take a genius to yell out "NO backups, stupid?". So really.

0
0
Bronze badge

Re: Really... ignorant about NASCAR?

Big NASCAR fan, Greyhounds too.

0
0

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Forums

Biting the hand that feeds IT © 1998–2017