American Radio Relay League confirms $1 million ransom payment
An amateur radio nonprofit based in Newington said it has paid $1 million to decrypt its computer servers after a ransomware attack that started in May.
ARRL, The National Association for Amateur Radio, said its network was compromised by hackers who used information purchased on the dark web. The hack affected everything from desktop and laptop computers to “Windows-based and Linux-based servers,” the organization said in a post on its website Thursday.
“This serious incident was an act of organized crime. The highly coordinated and executed attack took place during the early morning hours of May 15,” the post said.
As staff arrived, they became aware that the organization had been the “victim of an extensive and sophisticated ransomware attack,” the post stated.
The cyberattacks are so called because they involve hackers gaining access to a company or individuals’ private accounts. The hackers then lock off parts of the victims’ IT systems with encryption, and demand money — sometimes in the form of cryptocurrency — in exchange for the digital key to unlock them.
ARRL said the organization’s president and the authorities immediately were contacted.
“The FBI categorized the attack as ‘unique’ as they had not seen this level of sophistication among the many other attacks, they have experience with,” the post said.
The organization said put together a “crisis management team” within hours that included ARRL’s management, a vendor with experience in ransomware attacks, lawyers and its insurer.
The organization said the hackers issued “exorbitant” demands to decrypt their IT system.
“It was clear they didn’t know, and didn’t care, that they had attacked a small 501(c)(3) organization with limited resources. Their ransom demands were dramatically weakened by the fact that they did not have access to any compromising data,” the post said.
The hackers apparently believed ARRL had insurance that would cover a multimillion-dollar payout, the organization said.
The organization ultimately agreed to pay a $1 million ransom to the hackers after days “of tense negotiation and brinkmanship,” the post stated. The organization said its insurance covered most of it, along with the cost of restoring its IT systems.
ARRL said most of its systems have been restored or “are waiting for interfaces to come back online to interconnect them.”
“We thank you for your patience as we navigated our way through this,” the post said.
Founded in 1914 by Hiram Percy Maxim, the son of the inventor of the automatic machine gun and a Hartford resident, the organization supports and advocates for amateur radio enthusiasts, according to its website.