San Francisco 49ers Confirm Network Security Incident; ransomware gang claims responsibility

Originally Posted: Feb 13 22 6:30 PM ET

By Sean Lyngaas, CNN

(CNN) – The San Francisco 49ers football team said on Sunday that a “network security incident” disrupted some of the organization’s computer systems, after a ransomware gang claimed the NFL franchise. as a victim.

News of the incident broke just hours before Super Bowl LVI kicked off, which the 49ers would play in had they not narrowly lost to the Los Angeles Rams two weeks ago.

Roger Hacker, 49ers vice president of corporate communications, declined to comment when CNN asked if ransomware was involved in the incident.

The incident appears to be “limited to our corporate computer network” and did not affect computer systems involved in team stadium operations or systems related to ticket holders, the 49ers said in a statement. at CNN.

“Upon learning of the incident, we immediately opened an investigation and took action to contain the incident,” the statement said.

The 49ers hired cybersecurity firms to recover from the incident and notified law enforcement officials, the franchise said.

“As the investigation continues, we are working diligently to restore the systems involved as quickly and safely as possible,” the 49ers said.

Hackers behind a type of ransomware known as BlackByte have listed the 49ers on their website as suspected victims, a tactic cybercriminals often use to pressure organizations into paying a ransom. .

The FBI and the Secret Service told US companies in a Feb. 11 advisory to be on the lookout for BlackByte ransomware, which the agencies said had been used to compromise US organizations in the areas of government facilities, finance, food and agriculture.

BlackByte is just one of many types of ransomware whose owners operate what is known as a “ransomware as a service” business model. The ransomware owner sells access to the malicious code to other cybercriminals, who carry out ransomware attacks and usually share the proceeds with the owner. The diffuse nature of the criminal operation may make it more difficult for law enforcement officials to trace.

The Biden administration has sought to aggressively crack down on the system that allows ransomware to thrive, whether it’s helping stop suspected ransomware agents in Europe or sanctioning cryptocurrency exchanges that facilitate payment of ransoms.

But while some ransomware groups have scaled back their attacks, others have continued to try to extort American companies. Cybercriminals received more than $1.2 billion in ransom payments in 2020 and 2021 combined, according to cryptocurrency tracking firm Chainalysis.

Cybersecurity has been a consideration for federal officials preparing for Sunday’s Super Bowl. The Department of Homeland Security said some of the 500 personnel who assisted with physical and cybersecurity at the event conducted game-day infrastructure cybersecurity assessments.

™ & © 2022 Cable News Network, Inc., a WarnerMedia company. All rights reserved.

Kevin M. Risinger