top of page
Comarch_300x600.png
Comarch_728x90.jpeg
TechNewsHub_Strip_v1.jpg

LATEST NEWS

  • Marijan Hassan - Tech Journalist

ARRL confirms $1 million ransom payment following a cyberattack in May


The American Radio Relay League (ARRL), the amateur radio association, revealed new details about a significant ransomware attack that compromised its systems in May 2024. The attack, described by the FBI as “unique” in its level of sophistication, forced the ARRL to pay a $1 million ransom to regain access to its encrypted systems.



The breach occurred in the early hours of May 15, 2024, when threat actors infiltrated ARRL’s on-prem and cloud-based systems using information purchased from the dark web. The attackers deployed a range of malicious payloads targeting various devices, including desktops, laptops, and both Windows- and Linux-based servers. These payloads encrypted or deleted network-based IT assets, paralyzing ARRL’s operations.


The organization says it quickly assembled a crisis management team, which included management, an external vendor experienced in ransomware recovery, legal counsel, and the organization’s insurance carrier. Throughout the incident response, the organization was very cooperative with authorities and has regularly been posting progress updates for its members.


The attackers initially demanded an exorbitant ransom, seemingly unaware or indifferent to the fact that ARRL is a small nonprofit organization with limited financial resources. Fortunately, the hackers didn’t have access to any compromising data, which gave ARRL some leverage in negotiations. After several days of tense back-and-forth, the organization agreed to pay a $1 million ransom, a cost largely covered by insurance.


As of today, most of ARRL’s systems have been restored, with some still awaiting full functionality as new infrastructure and standards are implemented. One of the most popular member benefits, Logbook of The World (LoTW), was down during the attack but has since been restored, processing a significant backlog in just four days.


In response to the attack, the ARRL board has approved the formation of a new Information Technology Advisory Committee. This committee will include ARRL staff, board members with IT expertise, and industry experts. Its goal is to advise on future IT strategies and ensure the organization’s cybersecurity is strengthened against future threats.


While ARRL acknowledges that there are still minor systems to be restored, the organization is optimistic about the progress made. They have expressed gratitude for the support and patience of their members, as well as the dedication of the staff and consultants working to resolve the situation.


This incident serves as a stark reminder of the growing threat posed by cyberattacks, even to nonprofit organizations, and underscores the importance of adequate cybersecurity measures.

Comments


wasabi.png
Gamma_300x600.jpg
paypal.png
bottom of page