Tag Archive for: NRA

NRA finally admits it was hacked by a ransomware group in 2021

/in


The National Rifle Association (NRA) has just said for the very first time that, yes, the organization was indeed treaded on when it became victim of a massive hack last year.

The right wing organization best known for fighting common sense gun control measures after school shootings like the ones at Sandy Hook and Stoneman Douglas — and also acting as a “foreign asset” to Russia –– confirmed the ransomware attack in a Federal Election Commission filing made by the NRA’s political action committee (PAC).

The NRA finally admitted to the attack it suffered in the filing because it needed to explain discrepancies in its financial reports previously submitted to the government. The filing says that around $2,485 in contributions to the organization hadn’t been “processed correctly.” The NRA blamed the hack for the disparity. 

In October 2021, a ransomware group known as Grief targeted the NRA and boasted about the data it had stolen from the gun organization. Grief, which has ties to the Russia-based cybercriminal ring Evil Corp., allegedly stole tax, grant, and investor information from the NRA and posted the stolen information on its website. Grief later released more sensitive personal and financial data, such as bank accounts numbers.

At the time, the NRA would not confirm or deny the hack, releasing a statement that claimed that the “NRA takes extraordinary measures to protect information regarding its members, donors, and operations – and is vigilant in doing so.”

SEE ALSO:

Brands are cutting ties with the NRA after student-led campaign

We now know they weren’t quite vigilant enough. Grief’s ransomware campaign attacked the NRA on Oct.20 and the gun group felt the effects well into November. The NRA’s internet access, emails, and online networks were subject to varied levels of downtime for weeks.

It’s unclear if the NRA ever paid a ransom to Grief in order to avoid the further release of any other stolen data.

Ransomware hacks can be detrimental to an organization. Businesses have shut down after suffering losses from such attacks. It’s too bad this wasn’t one of those cases.

Source…

A Hacking Group Claims to be Holding the NRA to Ransom

/in


Russian-based hacking group Grief posted confidential files belonging to the National Rifle Association on the dark web last week. The criminal organization has threatened to release further stolen documents if its financial demands are not met. 

Government-enforced sanctions relating to paying hacking groups ransoms have effectively put the National Rifle Association in a catch 22 – if it parts with any cash, it could face serious penalties from the US Treasury. 

The NRA is the latest in a long line of US organizations to experience a ransomware attack since the beginning of the Covid-19 pandemic, a sign that it’s now more important than ever for businesses to invest in cybersecurity software and other data protection products.

The NRA’s Ransomware Hack: What We Know

The ransomware attack was reportedly launched by a hacking group called Grief. Based in Russia, members of the group posted 13 files online that it claimed contained stolen, confidential NRA data. 

Reports suggest the files include minutes from a recent NRA meeting, letters of endorsement from political figures, and information regarding grant applications. 

Although the National Rifle Association itself has not directly confirmed that the attack took place, The gun-rights advocacy group’s Managing Director of Public Affairs took to Twitter last week to say:

“NRA does not discuss matters relating to its physical or electronic security. However, the NRA takes extraordinary measures to protect information regarding its members, donors, and operations – and is vigilant in doing so” – Andrew Arulanandam, Managing Director of Public Affairs.

Grief itself has no history of ‘faking’ attacks or claiming responsibility for ransomware campaigns that it didn’t orchestrate. The NRA’s emailing system was down for a significant period of time last week too, something that often happens to companies experiencing ransomware attacks.

The post on the dark web that allegedly contained the files stolen from the NRA has since been taken down. This could mean any number of things, however – it could be as a signal that the ransom has been paid, but equally, it could mean negotiations are only just starting. 

A Grief…

Source…