American Radio Relay League (ARRL) has shared more information about a May cyberattack that took its Logbook of the World offline and caused some members to become frustrated over the lack of information.
ARRL is the national association for amateur radio in the United States, representing amateur radio interests to government regulatory bodies and promoting events and educational programs for enthusiasts around the country.
On May 16, the ARRL announced that it had suffered a "serious incident involving access to our network and headquarters-based systems."
The breach disrupted the organization's services, taking down its phone systems and the Logbook of the World. LoTW is an online service used by amateur radio enthusiasts to log successful contacts with other people around the world.
As the ARRL did not share any further information, members became concerned about what they felt was a lack of transparency from the organization.
"We still don't know what they haven't told us and maybe it is important, maybe not," a member posted to the 'My ARRL Voice' Facebook group.
"The point is very clear that the communication to the membership about the incident is very unprofessional and limited in its scope."
Today, the ARRL finally shared more details regarding the cyberattack, stating that it was conducted by a "malicious international cyber group."
"On or around May 12, 2024, ARRL was the victim of a sophisticated network attack by a malicious international cyber group," reads a new update from the ARRL.
"ARRL immediately involved the FBI and engaged with third party experts to investigate."
"This serious incident was extensive and categorized by the FBI as "unique," compromising network devices, servers, cloud-based systems, and PCs."
However, the ARRL has still not shared whether ransomware was involved and if data was stolen during the attack.
If it was a ransomware attack, it is common for the threat actors to first steal data before encrypting servers. This stolen data is then used as leverage, with the attackers threatening to publish the stolen files if a ransom is not paid.
BleepingComputer contacted ARRL today with further questions about the attack. However, our previous attempts to contact the organization remain unanswered.
Comments
powerspork - 5 months ago
Eagerly awaiting input from the many people on the last article that insisted that ARRL was not hacked.
ki4rwl - 5 months ago
"You could hear a pin drop..."
CrazyRadioGuy - 5 months ago
What the many people said on the last article was that the article was incorrect about what the ARRL stated. IOW, the author of the article lied.
h_b_s - 5 months ago
At the time, the nature of the problem being a cyberattack was pure speculation because the ARRL never said. People that pointed this out weren't wrong.
ARRL is playing their cards close to their vest likely on advice from the FBI, private investigators, and lawyers. There are many reasons why speculating in advance of hard information is a Bad Idea, or even if you do know more specific facts it may still be a Bad Idea while a criminal investigation is still ongoing. Incomplete information can lead to a number of problems; problems we can see each and every day played out by media organizations jumping to conclusions only to be proven wrong later on as more information is released, yet few people pay attention to the mea culpas as they move on to the next big sensationalist news release - which is itself incomplete/incorrect. These news cycles often ruin organizations and individual lives in off-handed, careless, callous disregard. This is why it's unwise to get up in arms with speculation that may later turn out to be incorrect.
ZeroYourHero - 5 months ago
Give us the money or we'll release al of this public information about ham radio contacts that was already available to the public!
sorrynotsorry - 5 months ago
The article from last month had dozens of people suffering from cognitive dissonance about a "glitch" and not a "cyberattack". I'm awaiting comments from the most confident information bigots.
""The American Radio Relay League (ARRL) warns it suffered a cyberattack"
The ARRL stated no such thing.
"On Thursday, the ARRL announced that it suffered a cyberattack"
No, they did not state this.
This article is worthless. "
@CrazyRadioGuy
CrazyRadioGuy - 4 months ago
Where exactly do you think I was incorrect? At no time did I say that it was not a cyber attack.