Was NRA The Victim Of Ransomware Attack?

Free-Photos / Pixabay

The NRA is a favorite target for anti-Second Amendment types. They love to blame the organization for just about every manner of evil you care to name. Its members have been referred to as domestic terrorists and it’s been credited as playing a role in every mass shooting you care to name, even though none of their members have committed any such action.

None of that matters to those folks.

But those are just words. They don’t actually have much of an impact on the group’s daily operations.

Yet reports surfaced on Wednesday that they’d been targeted in a different manner, one that does impact operations.

A ransomware gang believed to have Russian connections claims it justpopped the National Rifle Association.

The ransomware gang, known as Grief Gang, posted files on its extortion site Wednesday that it claims to have stolen from the NRA, in an apparent attempt to pressure the NRA to pay them a ransom demand.

The file names suggest that the attackers, while targeting the NRA with ransomware—a malware meant to lock up victim computers until the victim pays a ransom—were able to steal files about “national grants” and minutes from an internal meeting.

After an attempt to reach the NRA’s spokesperson’s email Wednesday, the NRA’s email server reported an error, an indication that their mail server could be down.

“I don’t have any comment,” NRA spokesperson Amy Hunter told The Daily Beast when reached by phone for comment on Wednesday.

For what it’s worth, I tried emailing Hunter on Wednesday evening and I, too, got an email server error in response. That’s not a particularly good sign.

However, I followed up this morning and the email went through. As of this writing, I haven’t received a reply, but I’m also writing this ridiculously early in the morning before most sensible people are even awake, so…

If this is accurate and the Grief Gang hit the NRA, then this is yet another instance of a very serious problem that we as a nation are going to have to address.

Of course, we’re going to need to address it either way, really.

What ransomware attacks do is cripple organizations until they pay an insane sum of money just to get their networks back. I’m not a cyber security expert or anything, but I’m going to assume that the NRA had some decent anti-virus and anti-malware systems already in place that should have, in theory, prevented such an attack.

Clearly, it didn’t.

While we don’t have confirmation that this actually happened to the NRA, we know it’s happened to other organizations. This is a security issue because what happens if they hit a major defense contractor? Remember, they claim to have stolen internal documents from the NRA. If they can do that, they can likely steal from anyone they hit.

That may include classified materials that could damage the United States’ ability to fight a war.

As for the NRA, considering the constraints they have been operating under before this allegedly happened, having to pay out a huge ransom to Russian criminals is less than ideal.

If things are back up and running, my hope is that they were able to do it internally. Paying off these jackwagons only encourages them. That’s the last thing we need.

Though wouldn’t it be awesome if American hackers turned their attention on people like this and made it impossible for them to try and hurt American organizations?

My guess is the constant demonization of the NRA led the Grief Gang to figure the group was fair game and that there would be no repercussions for targeting them. It would be a damn shame if someone showed them otherwise, now wouldn’t it?