Catch up on stories from the past week (and beyond) at the Slashdot story archive

 



Forgot your password?
typodupeerror
×
Communications

American Radio Relay League Confirms Cyberattack Disrupted Operations (bleepingcomputer.com) 32

Roughly 160,000 U.S.-based amateur radio enthusiasts belong to the American Radio Relay League, a nonprofit with 100 full-time and part-time staff members.

Nine days ago it announced "that it suffered a cyberattack that disrupted its network and systems," reports BleepingComputer, "including various online services hosted by the organization." "We are in the process of responding to a serious incident involving access to our network and headquarters-based systems. Several services, such as Logbook of The World and the ARRL Learning Center, are affected," explained ARRL in a press release... [T]he ARRL took steps to allay members' concerns about the security of their data, confirming that they do not store credit card information or collect social security numbers.

However, the organization confirmed that its member database contains some private information, including names, addresses, and call signs. While they do not specifically state email addresses are stored in the database, one is required to become a member of the organization.

"The ARRL has not specifically said that its member database has been accessed by hackers," Security Week points out, "but its statement suggests it's possible."

The site adds that it has also "reached out to ARRL to find out if this was a ransomware attack and whether the attackers made any ransom demand."

Thanks to Slashdot reader AzWa Snowbird for sharing the news.
This discussion has been archived. No new comments can be posted.

American Radio Relay League Confirms Cyberattack Disrupted Operations

Comments Filter:
  • The fools didn't know that all hams keep back ups of their logs at home. What a bunch of buffoons! :-)
    • Re: (Score:2, Interesting)

      You joke about this, but my wall is lined with QSL cards. Most hams these days don't keep giant log books unless we're contesting, and even then, it's just for the contest.

      Being an active ham means you're regularly practicing and have the knowledge and materials (i.e. printed manuals) at hand. Few of us rely on the Internet because when we're out in the "bush" for Field Day, chances are that service is going to suck if you have any.

      In before the DSTAR nay-sayers...
      • Few of us rely on the Internet because when we're out in the "bush" for Field Day, chances are that service is going to suck if you have any.

        That was true until ARRL changed the rules to allow for points on communications between two home stations during Field Day.

        This was a change made over concerns of people gathering for Field Day operations during the COVID-19 scare, this allowed for points to be gained from home stations contacting other home stations, which in previous events points were only awarded for home stations if contacting a station in the field. This rule appears to still be in effect, but because I'm getting errors trying to vi

        • When it was people actually tapping on a telegraph key then it was something separate as a skill set, now it's people with a laptop sending Morse code like any other radio teletype mode. If your use of Morse code relies on a computer then it is a teletype mode.

          When was the last time you decoded RTTY or FT8 in your head? It requires a bit more skill to decode CW than to have the computer do everything for you. And before you whine WhAt AbOuT CW DeCoDeRs? They suck, expecially compared to a human who can copy CW under all kinds of conditions.

          And if you think CW is dead, get on the bands today and listen for yourself.

          73, bpl

          • When was the last time you decoded RTTY or FT8 in your head?

            When was the last time you received a radio communication without a radio? If something has a need for communications beyond the distance their voice carries then they will use some machine to make that happen. If I'm seeking a device to send and receive such communications then why would I want this device to require me to decode anything in my head?

            It requires a bit more skill to decode CW than to have the computer do everything for you. And before you whine WhAt AbOuT CW DeCoDeRs? They suck, expecially compared to a human who can copy CW under all kinds of conditions.

            That's just it, because CW decoders suck is why people developed RTTY and FT8. Why would I care if a message was sent by CW, voice, or text? I can see why

        • by hoofie ( 201045 )

          CW is undergoing a massive renaissance. Lots of training material online and the various CW training groups, academies etc are being absolutely snowed with applications to join a course.

          The market is full of small QRP CW rigs with waiting lists for delivery.

          • CW is undergoing a massive renaissance. Lots of training material online and the various CW training groups, academies etc are being absolutely snowed with applications to join a course.

            The market is full of small QRP CW rigs with waiting lists for delivery.

            Is that for recreational use or emergency use? If this is recreational then it's not something that belongs in an event for promoting emergency preparedness with a simulation of operating off the grid.

            I have seen some radios that use CW and marketed for emergency communications. They use CW because anyone with a Technician license, which is half of licensed ham radio operator in the USA, are restricted to using only CW on some popular shortwave radio bands. This is an old rule that should have been chang

  • So what? (Score:5, Informative)

    by Jerrry ( 43027 ) on Saturday May 25, 2024 @03:53PM (#64498849)

    From TFA: "However, the organization confirmed that its member database contains some private information, including names, addresses, and call signs."

    So what? All of this information is also available in the public FCC database.

    • Re:So what? (Score:4, Informative)

      by RitchCraft ( 6454710 ) on Saturday May 25, 2024 @04:29PM (#64498893)

      Came here to say the same thing. My call sign reveals all my personal information on the FCC web site. When you become a HAM your information becomes public. It's just your name and address but it's there.

      • Warning! Information in the public phone book, including your name, address, city, and phone number is PUBLIC! Subscribers are shocked and horrified at the unexpected find that is readable by ... literally ANYONE!

        News at 11.
    • by DewDude ( 537374 )

      It's possible, if you used a PO Box since day 1, that your address isn't on public file.

      • Correct but with a simple Truepeoplesearch, zabasearch, google maps and a few others, with a name, I can find my address, a street view and an aerial view of my house. I can find all of my relative's names and their information also.

        Welcome to the internet, where privacy is a thing of the past.

    • I don't know how it is in the USA, but elsewhere the government license databases typically display only the call sign and the type of license.

    • From TFA: "However, the organization confirmed that its member database contains some private information, including names, addresses, and call signs."

      So what? All of this information is also available in the public FCC database.

      My concern is that the ARRL also had members' credit card information compromised as well. I have heard unconfirmed stories that the ARRL failed to maintain proper backups and is struggling to get its services back online.

      Some data may be permanently lost. It doesn't bode well for

      • by tlhIngan ( 30335 )

        My concern is that the ARRL also had members' credit card information compromised as well. I have heard unconfirmed stories that the ARRL failed to maintain proper backups and is struggling to get its services back online.

        Some data may be permanently lost. It doesn't bode well for the organization's leadership.

        Actually, the more important database would be the contact logs. The ARRL ran the QSL logbook called "Logbook of the world" where you could log your contacts electronically.

        That database was hacked, a

    • Two things: Where and when did the ARRL confirm this? Nowhere that I can see. It probably did happen, but ARRL hasn't said that definitively yet.

      As for addresses, etc. Foreign hams are also members, and all that info combined may not be publicly avaible where they are.

      73, bpl

      • by tetranz ( 446973 )

        They have not confirmed it. The notice on their web site is the only official communication.

        I agree that it seems likely but BleepingComputer jumped to conclusions with no hard evidence. Then other "news" sites quoted BleepingComputer. I've now seen forum posts saying "a cyberattack has been confirmed by several media outlets".

        It's easy to see how fake or unconfirmed news spreads.

  • It's been a while since I have logged on but the site looks ok to me. A little bit different than I remember and login process goes to personifygo.com. It may have done that before? My account information is there.

    I don't know what difference it makes anymore. I got an email from AT&T that says they were breached and the hackers got everything they needed to steal my identity. Paraphrasing a little.

    73s de W5MDP
  • The ARRL meltdown may or may not have compromised private user information. Most of the licensing information is in the public domain. The large Logbook of the World database is valuable, recording millions of QSOs (contacts) between amateurs, but it is not exactly private.

    The more interesting data are in-house emails relating to policy and administration. Think salaries and other employee data, Board discussions, strategies, etc. The work of ~100 staffers has been interrupted for a week, as the headq

  • You can't cyberattack a bunch of boomers with vacuum tube radios!

  • ...to ARRL endorsing CW skimmer [wikipedia.org], https://wsjt.sourceforge.io/ [slashdot.org]>WSJT, remote SDR, etc....
    Unless they bring back the fun to ham radio, more attacks will follow...

A complex system that works is invariably found to have evolved from a simple system that works.

Working...