A recent ransomware attack from a ransomware group known as “Grief” (with alleged ties to well known Russian cybercrime group Evil Corp), has stated that they hold 13 key files belonging to theNational Rifle Association that they intend to hold hostage or leak unless the NRA pays the ransom which is of an undisclosed value. At the time of writing, the NRA has declined to make any definitive statements confirming whether or not Grief had actually breached NRA cybersecurity and if the nonprofit 2nd amendment organization plans on paying any ransom.
Grief Ransomware Holds NRA Files Hostage After Alleged Cyberattack
On Wednesday afternoon October the 27th, NRA Public Affairs managing director Andrew Arulanandam released the following statement on Twitter in regards to the attack:
“NRA does not discuss matters relating to its physical or electronic security. However, the NRA takes extraordinary measures to protect information regarding its members, donors, and operations – and is vigilant in doing so.”
–Andrew Arulanandam, managing dir., NRA Public Affairs
Grief allegedly has in its possession 13 additional files as well as one that was leaked to the public earlier. The leaked document shows minutes from a recent NRA board meeting as well as documents related to grants. Other files allegedly in possession by the group apparently include sensitive tax information which could potentially be abused by tax fraud perpetrators. Both cybersecurity researchers, as well as privacy advocates within the industry, say that the NRA should take steps to protect itself from any repercussions that might result from any additional leaks.
Now, the NRA is faced with the difficult decision of either paying off the undisclosed ransom or allowing Grief to leak the potentially sensitive files. Capitulating to Grief would require authorization from the US Treasury Department since the federal agency has current sanctions on Evil Corp which Grief is allegedly tied to. Even if the NRA does pay the ransom, there is no guarantee that the group would destroy the files.
This content was originally published here.