A ransomware gang targeted the San Francisco 49ers the weekend of the Super Bowl, when all eyes are on football, perhaps reinforcing the allure among cybercriminals of high profile events.
The 49ers are not, of course, in the Super Bowl. And no details have emerged about whether other teams were also targeted or whether the attackers first began exploring potential targets during playoffs, when the 49ers were still in contention for the championship game. Regardless, targeting any NFL team a day before the big game surely gets added attention.
A spokesperson confirmed the ransomware attack to The Record by Recorded Future, stating that the BackByte group encrypted files on its corporate IT network. The team confirmed the attack Sunday, one day after operators of the BlackByte ransomware listed the team as one of their victims on a dark web leak site the used to shame victims and force them into paying their extortion demands.
SC Media sister site MSSP Alert detailed advice provided by the FBI for managed security service providers to mitigate a potential attack on end customers, noting a dozen best practices, including up-to-date patching, network segmentation, and regular backups of all data stored as air gapped, password protected copies offline.