Ransomware gang claims to have hacked the NRA

“Grief" gang says it has already leaked some of its stolen data to the dark web

Handguns placed on a US flag beside the logo for the National Rifle Association

A ransomware gang thought to be based in Russia has claimed responsibility for hacking into systems belonging to the National Rifle Association and leaking data to the dark web.

It's not known how much, if any, data the gang has collected from the organization, but members of the infosec community have already posted screenshots of the leaked data to Twitter.

These files show data related to the various grants the NRA has awarded in recent years, according to reports by the Associated Press.

The ransomware group, known as Grief, claims to have posted 13 files to its website, and has threatened to release more if the NRA refuses to pay a ransom, according to an NBC report, although it's currently unclear how large this ransom is.

The files, seen by NBC reporters, include a blank grant proposal form, a list of recent grant recipients, an email to a recent grant winner earlier this month, and an IRS W-9 form. The minutes of an NRA teleconference meeting held last September were also found in the files.

NRA spokesman Andrew Arulanandam took to Twitter on Wednesday to say that his organization “does not discuss matters relating to its physical or electronic security. However, the NRA takes extraordinary measures to protect information regarding its members, donors, and operations – and is vigilant in doing so.”

Related Resource

The best defence against ransomware

How ransomware is evolving and how to defend against it

Blue padlock Free download

However, according to the Associated Press, a person with direct knowledge of the situation revealed the NRA had issues with its email system this week, a signal of a possible ransomware attack.

Grief is considered by many in the infosec community to be a rebrand of another ransomware group known as Evil Corp. Evil Corp is currently under sanctions by the U.S. Treasury Department, following the theft of more than $100 million from banks and other financial institutions across 40 countries.

According to Allan Liska, a ransomware analyst at the cyber security firm Recorded Future, the two groups are one and the same. Liska added that it is highly unusual for political groups, such as the NRA, to be targets of a ransomware attack.

"It's not likely that this was specifically targeted at the NRA — the NRA just happened to get hit," he told CBS News. "You never know, though."

Featured Resources

2021 Thales cloud security study

The challenges of cloud data protection and access management in a hybrid and multi cloud world

Free download

IDC agility assessment

The competitive advantage in adaptability

Free Download

Digital transformation insights from CIOs for CIOs

Transformation pilotes, co-pilots, and engineers

Free download

What ITDMs did next - and what they should be doing now

Enable continued collaboration and communication for hybrid workers

Recommended

Sabbath hackers are targeting US schools and hospitals
ransomware

Sabbath hackers are targeting US schools and hospitals

29 Nov 2021
Out-of-hours ransomware attacks have a greater impact on revenue
ransomware

Out-of-hours ransomware attacks have a greater impact on revenue

18 Nov 2021
US and Israel join forces to fight ransomware
ransomware

US and Israel join forces to fight ransomware

15 Nov 2021
Almost 70% of CISOs expect a ransomware attack
ransomware

Almost 70% of CISOs expect a ransomware attack

19 Oct 2021

Most Popular

What should you really be asking about your remote access software?
Sponsored

What should you really be asking about your remote access software?

17 Nov 2021
What are the pros and cons of AI?
machine learning

What are the pros and cons of AI?

30 Nov 2021
How to move Microsoft's Windows 11 from a hard drive to an SSD
Microsoft Windows

How to move Microsoft's Windows 11 from a hard drive to an SSD

24 Nov 2021