Russian-based hacking group Grief posted confidential files belonging to the National Rifle Association on the dark web last week. The criminal organization has threatened to release further stolen documents if its financial demands are not met.
Government-enforced sanctions relating to paying hacking groups ransoms have effectively put the National Rifle Association in a catch 22 – if it parts with any cash, it could face serious penalties from the US Treasury.
The NRA is the latest in a long line of US organizations to experience a ransomware attack since the beginning of the Covid-19 pandemic, a sign that it’s now more important than ever for businesses to invest in cybersecurity software and other data protection products.
The NRA’s Ransomware Hack: What We Know
The ransomware attack was reportedly launched by a hacking group called Grief. Based in Russia, members of the group posted 13 files online that it claimed contained stolen, confidential NRA data.
Reports suggest the files include minutes from a recent NRA meeting, letters of endorsement from political figures, and information regarding grant applications.
Although the National Rifle Association itself has not directly confirmed that the attack took place, The gun-rights advocacy group’s Managing Director of Public Affairs took to Twitter last week to say:
“NRA does not discuss matters relating to its physical or electronic security. However, the NRA takes extraordinary measures to protect information regarding its members, donors, and operations – and is vigilant in doing so” – Andrew Arulanandam, Managing Director of Public Affairs.
Grief itself has no history of ‘faking’ attacks or claiming responsibility for ransomware campaigns that it didn’t orchestrate. The NRA’s emailing system was down for a significant period of time last week too, something that often happens to companies experiencing ransomware attacks.
The post on the dark web that allegedly contained the files stolen from the NRA has since been taken down. This could mean any number of things, however – it could be as a signal that the ransom has been paid, but equally, it could mean negotiations are only just starting.