The San Francisco 49ers (a professional American football team based in the San Francisco Bay Area) recently fell victim to a ransomware attack that disrupted their corporate IT network. In the aftermath of the Super Bowl, where the 49ers were soundly beaten, the notorious BlackByte gang claimed responsibility for the attack on the 49ers by beginning to leak files that they claim were stolen.
In a statement about the cyber-incident, the 49ers stated: “While the investigation is ongoing, we believe the incident is limited to our corporate IT network; to date, we have no indication that this incident involves systems outside of our corporate network, such as those connected to Levi’s Stadium operations or ticket holders” (as quoted by TechRadar).
BlackByte are purveyors of ransomware. The operators run a leak website where they advertise data stolen from compromised endpoints that they plan to leak to the public.
Prior to the incident, the FBI and U.S. Secret Service shared a warning about the ransomware group on February 11, 2022, emphasizing the seriousness of the threat posed by the group, the latest in a line of ransomware gangs.
Commenting on the incident for Digital Journal is Keith Neilson, Technical Evangelist at CloudSphere.
Neilson notes that the football squad were quick to act upon news of the attack emerging: “While the San Francisco 49ers discovered a ransomware attack and acted immediately to remediate disruptions to their network.”
However, Neilson doubts that other large ‘firms’ would have been so prompt, stating that “less high-profile organizations may not be as fortunate. Organizations of any size must make cyber asset management a priority.”
In terms of offering advice to the business community, Neilson provides the following recommendation: “The first step to visibility into the attack surface is to identify all cyber assets in their IT environment and consistently enforce security guardrails in real-time.”
He cautions further that: “Without this holistic visibility of all cyber assets, companies have no way of detecting security threats, let alone addressing them.”