Politics NRA Hacked by Russian Ransomware Gang, Likely Not Politically Motivated, Expert Says
Agencies say agriculture groups being targeted by BlackMatter ransomware
A trio of federal agencies on Monday sounded the alarm about critical infrastructure groups, particularly agricultural organizations, being targeted by a prolific ransomware group.The FBI, the Cybersecurity and Infrastructure Security Agency (CISA) and the National Security Agency (NSA) put out a joint advisory warning of targeting by "BlackMatter ransomware," connecting the group to previous attacks this year. "Since July 2021, BlackMatterThe FBI, the Cybersecurity and Infrastructure Security Agency (CISA) and the National Security Agency (NSA) put out a joint advisory warning of targeting by "BlackMatter ransomware," connecting the group to previous attacks this year.
A ransomware gang believed to work out of Russia claimed that it hacked the National Rifle Association and published the group's files on a dark web site, the Associated Press reported. Though the gun-rights group is often included in the political debate over guns in the U.S., one expert said that targeting thein the attack was likely not politically motivated.
Allan Liska, an intelligence analyst at the cybersecurity firm Recorded Future, said that it's very unusual for a politically-active group like the NRA to be singled out by ransomware gangs. Those groups usually also opt to target vulnerable technologies rather than organizations, he said.
Russia deconstructs Biden's ransomware delusion
How Vladimir Putin must laugh. © Provided by Washington Examiner President Joe Biden entered office pledging to strengthen allies against Russian aggression and to deter further Russian hostility. Instead, Biden has played near pitch perfectly into Putin's hands. On Wednesday, Bloomberg reported that EvilCorp, a major Russian ransomware outlet, is believed by U.S. officials to be behind last week's ransomware hack of Sinclair. A major broadcasting conglomerate, Sinclair's news, sports, and advertising programming has been disrupted across the nation.
"It's not likely that this was specifically targeted at the NRA, the NRA just happened to get hit," Liska said. "You never know, though."
The files posted by the group, which calls itself Grief, relate to grants that the NRA has given out, the AP reported. NRA spokesman Andrew Arulanandam declined to confirm whether Grief's claims were true, tweeting that the NRA "does not discuss matters relating to its physical or electronic security."
A person with knowledge on the issue who spoke on condition anonymity said that problems arose with the NRA's email system this week, pointing to a possible ransomware attack.
For more reporting from the Associated Press, see below:
Ransomware attacks have spiked in recent years against all manner of companies and organizations, but rarely are the targets as politically sensitive as the NRA. The group has long enjoyed close ties to top Republican lawmakers and been a been a major supporter of Republican candidates. The NRA spent tens of millions of dollar in the past two presidential elections trying to help.
US, allied nations force REvil ransomware group offline: report
The United States and other nations earlier this week in a joint operation hacked and forced offline the REvil cyber criminal group, which has been linked to several major ransomware attacks this year.Reuters reported Thursday citing multiple officials and private sector experts that the FBI, U.S. Cyber Command, the Secret Service, and the governments of other unnamed nations had breached servers used by REvil to carry out attacks in an effort to disrupt their operations. The Hill reached out to the FBI, U.S. Cyber Command, and the Cybersecurity and Infrastructure Security Agency (CISA) for comment.
Video: Thieves Using Master Keys To Steal Mail (CBS Chicago)
The group has been beset by legal and financial troubles in recent years but remains a potent force politically and has more than 5 million members.
Liska said the email problems could be related to the ransomware attack. He said email systems are top targets of ransomware gangs because they often contain sensitive information and hamper an organization's response to an attack, further incentivizing them to pay a ransom.
Spokespeople for thedid not immediately return a message seeking comment.
Greif is believed by many cybersecurity experts to be linked to Evil Corp, a ransomware gang that was previously active. The U.S. Treasury Department imposed sanctions on the group in 2019, saying it had stolen more than $100 million from banks and financial institutions in 40 countries.
2016 Presidential Election Investigation Fast Facts
Read CNN's 2016 Presidential Election Investigation Fast Facts for information about probes into Russian meddling during the 2016 presidential race.Here's a look at investigations into Russian meddling during the 2016 presidential race between Donald Trump and Hillary Clinton.
U.S. and Russian ties have already been strained this year over a string of high-profile ransomware attacks against American targets launched by Russia-based cyber gangs. Presidenthas warned Russian President in an effort to get him to crack down on ransomware criminals, but several top Biden administration cybersecurity officials have said recently that they have seen no evidence of that.
Gun control group alleges campaign finance violations in lawsuit against NRA .
The gun control group Giffords filed a lawsuit against the National Rifle Association (NRA) on Tuesday, alleging the advocacy group violated campaign finance laws by illegally contributing tens of millions of dollars to GOP Senate and presidential candidates.The lawsuit - which was filed by the nonpartisan campaign finance watchdog Campaign Legal Center on behalf of Giffords - alleges that the NRA funneled up to $35 million in illicit contributions to GOP candidates through a number of shell corporations. The group, which was founded by former Rep. Gabby Giffords (D-Ariz.