NRA refuses to confirm reports of ransomware hack

News
By Mayank Sharma
published

Group behind NRA ransomware attack had already been sanctioned by US

cybersecurity
(Image credit: Shutterstock)

The National Rifle Association (NRA) has released a statement saying that it is against its policy to discuss matters of security, a day after a ransomware gang claimed to have attacked the organization. 

Brett Callow, threat analyst with Emisoft, makers of a popular anti-malware solution that can thwart such attacks, was one of the first to have caught that the Grief ransomware had listed the NRA as its victim. Grief reportedly has ties to the notorious Evil Corp cybercrime syndicate.  

“NRA does not discuss matters relating to its physical or electronic security. However, the NRA takes extraordinary measures to protect information regarding its members, donors, and operations – and is vigilant in doing so,” Andrew Arulanandam, MD, NRA Public Affairs said via a statement shared on Twitter.

TechRadar needs yo...

We're looking at how our readers use VPNs with streaming sites like Netflix so we can improve our content and offer better advice. This survey won't take more than 60 seconds of your time, and we'd hugely appreciate if you'd share your experiences with us.

>> Click here to start the survey in a new window <<

According to cybersecurity researchers, Grief, like many ransomware operators posted a handful of files that it had exfiltrated from the NRA, as part of its double-extortion shenanigans, in order to back their claim that they had indeed penetrated the organization. 

Keyboard to a gunfight

ZDNet claims that an analysis of these documents reveal some to be minutes from a recent NRA board meeting, while others are related to grants, including a list of recent grant recipients. 

Grief has threatened to leak more files if the NRA did not pay the undisclosed ransom. 

Although paying a ransomware operator is a tricky prospect, it’s even trickier in the case of Grief. If the NRA does indeed decide to pony up, it will have to jump through a few more hoops since Evil Corp has been sanctioned by the US Treasury Department since 2019, meaning that any engagement and payments will have to seek the department’s nod.

Paul Bischoff, privacy advocate at Comparitech, told ZDNet, that it is up to the individual NRA members to protect themselves from any repercussions that might arise as a result of this breach with the help of services such as identity theft protection.  

"A gun won't help. Even if the NRA pays the ransom, there is no guarantee that Grief will destroy the stolen data," warned Bischoff.

Mayank Sharma
Mayank Sharma

With almost two decades of writing and reporting on Linux, Mayank Sharma would like everyone to think he’s TechRadar Pro’s expert on the topic. Of course, he’s just as interested in other computing topics, particularly cybersecurity, cloud, containers, and coding.