Friend
Professional
- Messages
- 2,653
- Reaction score
- 851
- Points
- 113
The organization revealed the unpleasant details of the May hack.
The American Amateur Radio League (ARRL) recently confirmed the payment of a $1 million ransom to rebuild its systems after a ransomware cyberattack that occurred in May.
Upon detecting the incident, the organization immediately shut down the affected systems to prevent further spread of the threat. Already in July, ARRL reported that its network had been attacked by a "malicious international cyber group" that used "sophisticated hacking techniques."
While ARRL has not officially indicated which group was behind the attack, sources said the Embargo group was responsible. A document filed in July with the Maine Attorney General's office indicated that only 150 ARRL employees were affected by the data breach.
When the organization revealed that it had taken "all necessary measures" to prevent the further spread of the stolen data, many took this as confirmation that ARRL had paid or was about to pay a ransom. As it turned out, these assumptions were not groundless.
ARRL admitted that it did pay the ransom, but not to prevent a data breach, but to get a decryption tool to restore the systems affected by the attack. In a statement, the organization said that the attackers demanded a huge amount, despite the limited resources of the non-profit organization.
According to ARRL, negotiations with the hackers were tense, but in the end, a ransom of $1 million was agreed. A significant portion of this amount, including the cost of restoring the systems, was covered by the organization's insurance policy.
Currently, most of the ARRL systems have already been restored, and the league expects that it will take up to two months to fully restore all affected servers to the new infrastructure standards, including the data backup system.
This incident vividly illustrates how vulnerable even non-profit organizations can be in the face of modern cyber threats. He emphasizes the critical importance of investing in strong cyber defenses and having a comprehensive security incident response plan.
In addition, the ARRL case raises ethical questions about the advisability of paying ransoms to cybercriminals, which can encourage further attacks, but is sometimes the only way to restore critical systems relatively quickly.
Source
The American Amateur Radio League (ARRL) recently confirmed the payment of a $1 million ransom to rebuild its systems after a ransomware cyberattack that occurred in May.
Upon detecting the incident, the organization immediately shut down the affected systems to prevent further spread of the threat. Already in July, ARRL reported that its network had been attacked by a "malicious international cyber group" that used "sophisticated hacking techniques."
While ARRL has not officially indicated which group was behind the attack, sources said the Embargo group was responsible. A document filed in July with the Maine Attorney General's office indicated that only 150 ARRL employees were affected by the data breach.
When the organization revealed that it had taken "all necessary measures" to prevent the further spread of the stolen data, many took this as confirmation that ARRL had paid or was about to pay a ransom. As it turned out, these assumptions were not groundless.
ARRL admitted that it did pay the ransom, but not to prevent a data breach, but to get a decryption tool to restore the systems affected by the attack. In a statement, the organization said that the attackers demanded a huge amount, despite the limited resources of the non-profit organization.
According to ARRL, negotiations with the hackers were tense, but in the end, a ransom of $1 million was agreed. A significant portion of this amount, including the cost of restoring the systems, was covered by the organization's insurance policy.
Currently, most of the ARRL systems have already been restored, and the league expects that it will take up to two months to fully restore all affected servers to the new infrastructure standards, including the data backup system.
This incident vividly illustrates how vulnerable even non-profit organizations can be in the face of modern cyber threats. He emphasizes the critical importance of investing in strong cyber defenses and having a comprehensive security incident response plan.
In addition, the ARRL case raises ethical questions about the advisability of paying ransoms to cybercriminals, which can encourage further attacks, but is sometimes the only way to restore critical systems relatively quickly.
Source
