FOLLOW US

The NFL’s San Francisco 49ers football team are victims of a ransomware attack. Just before the Super Bowl kick-off, the team confirmed that they were attacked by the BlackByte ransomware group. 

Cybercriminals who use BlackByte ransomware posted some of the allegedly stolen team records and documents. The gang, using a dark website posted a file marked "2020 Invoices." 

The gang did not make its ransom demands public. And the 49’s have not specified all that was involved in what is typically a data encryption cybercrime. 

Both private industry and governmental offices are at-risk. There have been pledges to crack down on cybercriminal gangs. Many of them are Russia-based. The Ransomware Taskforce was developed to fight cybercrime.

The 49ers are one of the most valuable franchises in the NFL. And they lost a close playoff game last month just missing out on the Superbowl. The team released a statement Sunday. 

It claimed a “network security incident" disrupted some of its corporate IT network systems. The 49ers said they'd notified the police. And have also hired private cybersecurity firms to assist in the investigation. The Ransomware Taskforce will also be on the case.

“To date, we do not indicate that this incident involves systems outside of our corporate network, such as those connected to Levi’s Stadium operations or ticket holders,” the team statement continued. Levi Stadium is the home stadium.

CISA advisory prior to San Francisco 49ers attack

The ransomware attack comes just two days after the Cybersecurity and Infrastructure Security Agency (CISA), along with the FBI, NSA, Australian Cyber Security Centre (ACSC), and the United Kingdom’s National Cyber Security Centre (NCSC-UK) issued a joint Cybersecurity Advisory outlining the growing international threat posed by ransomware over the past year.   

“The FBI is committed to protecting the public from the rise in ransomware attacks that we have seen in recent years,” said Assistant Director Bryan Vorndran of the FBI's Cyber Division. 

“With our partners in and outside of government, the FBI is working to bring all our tools to bear against these criminals. It is critical for business leaders across industries and the public to take action immediately to harden their systems and work with law enforcement to tackle this threat,” Vorndran added.

The advisory says ransomware had “compromised multiple US and foreign businesses, including entities in at least three US critical infrastructure sectors” since November.