A group of Russian hackers appears to be holding internal NRA documents hostage.
The group, known as Grief, published a series of what it claims are NRA internal documents online Wednesday. The documents were published on a leak site the group uses to announce the identity of companies it has infiltrated, according to The Record.
Emails sent to three different NRA press contacts by The Reload bounced back indicating the group is currently having issues with its email service. Reached by phone, an NRA spokesperson pointed The Reload to a statement provided on its social media that said the group would not comment on the alleged breach.
“NRA does not discuss matters relating to its physical or electronic security,” Andrew Arulanandam, managing director of NRA Public Affairs, said on Twitter. “However, the NRA takes extraordinary measures to protect information regarding its members, donors, and operations – and is vigilant in doing so.”
The extent of the alleged breach is not yet clear. NBC News reviewed the files posted by the Russian hackers and said they included relatively mundane items such as grant proposal forms and an email to a grantee. However, they also included the minutes of a September 24th teleconference meeting held by NRA leadership.
The NRA has been dealing with a number of significant challenges in recent years as internal fighting over corruption allegations spilled out into public and into multiple court cases, including one brought by the New York Attorney General Letitia James (D.) in hopes of shuttering the organization. It has faced declining revenues and been forced to cancel its largest fundraising events several years running due to the covid pandemic. If the ransom attack is successful, it could put further strain on the country’s leading gun-rights organization.
The new attack comes after a Russian agent was able to get close with a number of the NRA’s top leadership. The agent, Maria Butina, was an honored guest at a number of NRA functions and had NRA board members at a Russian event in 2015. She was later arrested by the FBI and pled guilty to felony charges of conspiracy to act as an unregistered foreign agent of the Russian state. She was sentenced to 18 months in prison and deported back to Russia in 2019.
Grief has also caught the ire of the United States government. The group, which previously operated as Evil Corp, was sanctioned by the Treasury Department in 2019 over thefts from companies in 40 different countries that totaled more than $100 million. The department said the hacker group is “one of the world’s most prolific cybercriminal organizations” and claimed its leader has also done work for the Russian government.
Ransomware hackers often oversell the true extend of their hacks in public pressure campaigns directed at their intended victims, though. It remains to be seen what sensitive information, if any, Grief has stolen from the NRA.