"American Radio Relay League Paid $1 Million to Ransomware Gang"

The national association for amateur radio American Radio Relay League (ARRL) recently revealed that it paid out a $1 million ransom after a disruptive May 2024 ransomware attack.  The attack occurred on May 15 and resulted in multiple systems within ARRL’s internal network being encrypted, including desktops, laptops, and Windows and Linux servers.  Last week, the association revealed that the attackers had compromised its on-site systems and most cloud-based systems weeks before deploying file-encrypting ransomware and that information purchased on the dark web was used for the intrusion.  ARRL noted that the attackers demanded a multi-million-dollar ransom payment, but they eventually agreed to receive a $1 million payment, as “their ransom demands were dramatically weakened by the fact that they did not have access to any compromising data.”  ARRL said that payment, along with the cost of restoration, has been largely covered by its insurance policy.  ARRL did not say whether any personal information was compromised in the attack.

SecurityWeek reports: "American Radio Relay League Paid $1 Million to Ransomware Gang"