A ransomware gang thought to be based in Russia has claimed responsibility for hacking into systems belonging to the National Rifle Association and leaking data to the dark web.
It's not known how much, if any, data the gang has collected from the organization, but members of the infosec community have already posted screenshots of the leaked data to Twitter.
These files show data related to the various grants the NRA has awarded in recent years, according to reports by the Associated Press.
The ransomware group, known as Grief, claims to have posted 13 files to its website, and has threatened to release more if the NRA refuses to pay a ransom, according to an NBC report, although it's currently unclear how large this ransom is.
The files, seen by NBC reporters, include a blank grant proposal form, a list of recent grant recipients, an email to a recent grant winner earlier this month, and an IRS W-9 form. The minutes of an NRA teleconference meeting held last September were also found in the files.
NRA spokesman Andrew Arulanandam took to Twitter on Wednesday to say that his organization “does not discuss matters relating to its physical or electronic security. However, the NRA takes extraordinary measures to protect information regarding its members, donors, and operations – and is vigilant in doing so.”
RELATED RESOURCE
The best defence against ransomware
How ransomware is evolving and how to defend against it
However, according to the Associated Press, a person with direct knowledge of the situation revealed the NRA had issues with its email system this week, a signal of a possible ransomware attack.
Grief is considered by many in the infosec community to be a rebrand of another ransomware group known as Evil Corp. Evil Corp is currently under sanctions by the U.S. Treasury Department, following the theft of more than $100 million from banks and other financial institutions across 40 countries.
According to Allan Liska, a ransomware analyst at the cyber security firm Recorded Future, the two groups are one and the same. Liska added that it is highly unusual for political groups, such as the NRA, to be targets of a ransomware attack.
"It's not likely that this was specifically targeted at the NRA — the NRA just happened to get hit," he told CBS News. "You never know, though."
-
Enterprises can’t keep a lid on surging cyber incident costsNews With increasing threats and continuing skills shortages, AI tools are becoming a necessity for some
-
UK software developers are still cautious about AI, and for good reasonNews Experts say developers are “right to take their time” with AI coding solutions given they still remain a nascent tool
-
Volkswagen confirms security ‘incident’ amid ransomware breach claimsNews Volkswagen has confirmed a security "incident" has occurred, but insists no IT systems have been compromised.
-
The number of ransomware groups rockets as new, smaller players emergeNews The good news is that the number of victims remains steady
-
Teens arrested over nursery chain Kido hacknews The ransom attack caused widespread shock when the hackers published children's personal data
-
NCA confirms arrest after airport cyber disruptionNews Disruption is easing across Europe following the ransomware incident
-
Cyber professionals are losing sleep over late night attacksNews Hackers are biding their time and launching attacks when businesses can’t respond
-
Prolific ransomware operator added to Europe’s Most Wanted list as US dangles $10 million rewardNews The US Department of Justice is offering a reward of up to $10 million for information leading to the arrest of Volodymyr Viktorovych Tymoshchuk, an alleged ransomware criminal.
-
Jaguar Land Rover “did the right thing” shutting down systems to thwart cyber attackNews The attack on Jaguar Land Rover highlights the growing attractiveness of the automotive sector
-
Ransomware attack on IT supplier disrupts hundreds of Swedish municipalitiesNews The attack on IT systems supplier Miljödata has impacted public sector services across the country
