Article Details
Scrape Timestamp (UTC): 2024-06-04 20:19:56.699
Original Article Text
Click to Toggle View
ARRL says it was hacked by an "international cyber group". American Radio Relay League (ARRL) has shared more information about a May cyberattack that took its Logbook of the World offline and caused some members to become frustrated over the lack of information. ARRL is the national association for amateur radio in the United States, representing amateur radio interests to government regulatory bodies and promoting events and educational programs for enthusiasts around the country. On May 16, the ARRL announced that it had suffered a "serious incident involving access to our network and headquarters-based systems." The breach disrupted the organization's services, taking down its phone systems and the Logbook of the World. LoTW is an online service used by amateur radio enthusiasts to log successful contacts with other people around the world. As the ARRL did not share any further information, members became concerned about what they felt was a lack of transparency from the organization. "We still don't know what they haven't told us and maybe it is important, maybe not," a member posted to the 'My ARRL Voice' Facebook group. "The point is very clear that the communication to the membership about the incident is very unprofessional and limited in its scope." Today, the ARRL finally shared more details regarding the cyberattack, stating that it was conducted by a "malicious international cyber group." "On or around May 12, 2024, ARRL was the victim of a sophisticated network attack by a malicious international cyber group," reads a new update from the ARRL. "ARRL immediately involved the FBI and engaged with third party experts to investigate." "This serious incident was extensive and categorized by the FBI as "unique," compromising network devices, servers, cloud-based systems, and PCs." However, the ARRL has still not shared whether ransomware was involved and if data was stolen during the attack. If it was a ransomware attack, it is common for the threat actors to first steal data before encrypting servers. This stolen data is then used as leverage, with the attackers threatening to publish the stolen files if a ransom is not paid. BleepingComputer contacted ARRL today with further questions about the attack. However, our previous attempts to contact the organization remain unanswered.
Daily Brief Summary
The American Radio Relay League (ARRL) experienced a significant cyberattack in May, resulting in substantial disruption including the takedown of the Logbook of the World and communication services.
ARRL, serving as the U.S. national association for amateur radio, witnessed a compromised network by a self-reported international cybercrime group.
The impact of the attack caused concerns among members due to insufficient communication about the breach's details from ARRL's side.
ARRL confirmed the involvement of the FBI and third-party cybersecurity experts to manage the investigation of the sophisticated network intrusion.
Despite comprehensive FBI categorization of the incident as "unique," ARRL has not confirmed if the breach involved ransomware or if data was extracted and potentially held ransom.
Member feedback highlighted dissatisfaction with ARRL’s communication policies regarding the incident, stressing the need for greater transparency.
Questions remain unanswered by ARRL, raising lingering concerns about the extent of the damage and security of member data.