NRA confirms it was hit by ransomware attack

(Image credit: Shutterstock / binarydesign)

The National Rifle Association (NRA) has finally confirmed it suffered a ransomware attack last October.

The NRA’s political action committee (PAC) filed a report to the Federal Election Commission (FEC), earlier this month to confirm the attack, claiming it was the reason why the organization couldn’t report some of the donations it had received at the time.

The filing says the attack, which took place on October 20, 2021, took down its network for a fortnight. “During that time, we were not able to access email or network files. When our Information Security team brought our network back online, the process was undertaken slowly and carefully, with the end result that we did not have full access to our network and the internet until the second week of November,” the filing reads. 

TechRadar needs yo...

We're looking at how our readers use VPNs with different devices so we can improve our content and offer better advice. This survey shouldn't take more than 60 seconds of your time. Thank you for taking part.

>> Click here to start the survey in a new window <<

No word on ransom payment

“During the network restoration process, one batch of credit card receipts was not processed correctly into our donor database. This batch, which was discovered during our year-end close, totaled $2,485.66 and included 83 individual transactions. It is being disclosed on the November 2021 Monthly Report as an additional $1,609.66 on Line 11(a)(i) and an additional $876.00 on Line 11(a)(ii).”

The document doesn’t state how the network got compromised, and whether or not any viruses or malware had been used. It also doesn’t discuss if any ransomware was paid, or to whom. 

The Verge, on the other hand, reminds that a known Russia-based ransomware group, Grief, claimed responsibility for the attack, posting on the dark web data that it claims came from the breach.

Following the incident, the organization implemented “additional cybersecurity measures”, to make sure a similar attack doesn’t happen again, the report concludes. No elaboration on what that means, in practice.

Via: The Verge

Sead Fadilpašić

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.