The American Radio Relay League (ARRL), the largest national amateur radio organization in the United States, announced today that it was the target of a cyberattack by an unidentified “international cyber group. ” The ARRL, headquartered in Newington, Connecticut, stated that the attack was discovered on May 22nd, 2024, and that an investigation is currently underway in collaboration with cybersecurity firms.
In a press release, the ARRL acknowledged that an unauthorized party was able to gain access to certain portions of its computer network. The scope of the breach is still under investigation, but the ARRL emphasized that there is no evidence that any financial information or member passwords were compromised.
“We take the security of our members’ data very seriously, ” said ARRL CEO David Sumrall. “Upon discovering the intrusion, we took immediate steps to secure our network and began a comprehensive investigation. We are working diligently to determine the nature and extent of the unauthorized access, and we will take all necessary steps to protect our members’ information. “
The ARRL did not disclose the specific tactics used by the attackers, but cybersecurity experts speculate that the intrusion may have involved phishing emails or a software vulnerability. Phishing emails are designed to trick recipients into clicking on malicious links or attachments, which can then be used to install malware on a victim’s computer. Software vulnerabilities are weaknesses in computer programs that can be exploited by attackers to gain unauthorized access to a system.
The ARRL has advised its members to be cautious of any unsolicited emails or phone calls they may receive, and to be wary of clicking on links or opening attachments from unknown senders. The organization has also recommended that members enable two-factor authentication on their ARRL accounts, which adds an extra layer of security by requiring a second verification step in addition to a username and password.
This cyberattack on the ARRL is the latest example of the growing threat posed by cybercriminals to amateur radio organizations. Amateur radio operators often transmit sensitive information, such as their call signs and locations, which could be valuable to attackers. In addition, amateur radio infrastructure can be used to launch denial-of-service attacks or to spread malware.
The ARRL has assured its members that it is taking steps to improve its cybersecurity posture and to prevent future attacks. The organization is also urging its members to be vigilant and to take steps to protect their own information.
