RICHMOND (VA) -- An alleged ransomware gang operating out of Russia claims it has hacked the National Rifle Association. This is the largest gun-rights organization in the United States.
Grief, a gang that calls itself Grief, published some of the NRA files on a dark website. The files were reviewed by The Associated Press and relate to grants that the NRA has granted. Ransomware gangs post victim's files on the internet in an attempt to get them to pay a ransom.
Andrew Arulanandam, a spokesperson for the NRA, stated on Twitter that the NRA does not discuss issues relating to its electronic or physical security and takes "extraordinary steps" to protect its information. An individual with direct knowledge of the situation, who spoke under anonymity and was not authorized to speak publicly about the matter, stated that the NRA had issues with its email system this past week. This could be a sign of ransomware.
Ransomware attacks against companies and organizations have increased in recent years, but they are rarely as politically sensitive than the NRA. This group has been close to Republican legislators for many years and is a strong supporter of Republican candidates. In the two previous presidential elections, the NRA spent millions trying to support Donald Trump.
Although the group has been plagued by financial and legal problems in recent times, it remains a powerful force politically with more than 5,000,000 members.
Allan Liska is an intelligence analyst at Recorded Future. He said that it was unusual for a politically active group like the NRA to be attacked by ransomware groups, but there is no evidence that the attack was motivated politically. He stated that ransomware gangs rarely target organizations but instead vulnerable technologies.
He stated, "It's unlikely that this was targeted specifically at the NRA. The NRA just happened get hit." "You just never know."
Liska suggested that the ransomware attack could be responsible for the email problems. Ransomware gangs are most interested in email systems because they contain sensitive information that can hamper an organization's ability to respond to an attack. This could further encourage them to pay ransom.
The FBI spokespeople did not immediately respond to a request for comment.
Many cybersecurity experts believe Greif may be connected to Evil Corp, a ransomware gang once active. In 2019, the U.S. Treasury Department placed sanctions on Greif, claiming that it had taken more than $100,000,000 from 40 banks and financial institutions across the world.
Relations between the U.S. & Russia have been straining this year due to a series of ransomware attacks on American targets by Russia-based cyber-gangs. In an attempt to pressure Vladimir Putin to crack down against ransomware criminals in Russia, President Joe Biden warned him. However, several high-ranking cybersecurity officials from the Biden administration have stated recently that they have not seen any evidence.
