Amateur Radio operator

The American Radio Relay League (ARRL) warns it suffered a cyberattack, which disrupted its IT systems and online operations, including email and the Logbook of the World.

ARRL is the national association for amateur radio in the United States, representing amateur radio interests to government regulatory bodies, providing technical advice, and promoting events and educational programs for enthusiasts around the country.

On Thursday, the ARRL announced that it suffered a cyberattack that disrupted its network and systems, including various online services hosted by the organization.

“We are in the process of responding to a serious incident involving access to our network and headquarters-based systems. Several services, such as Logbook of The World and the ARRL Learning Center, are affected,” explained ARRL in a press release.

Amateur radio enthusiasts use three-letter codes that start with the letter Q, which are called “Q” signals, and they act as abbreviations for commonly used phrases in ham radio.

For example, the code QSO is shorthand for “I can communicate with _________ direct,” and is used to denote a direct conversation between two stations. At the same time, QSL means “I am acknowledging receipt,” meaning that contact is confirmed.

Logbook of The World (LoTW) is an online database that allows amateur radio enthusiasts to submit electronic logs of successful contacts (QSO) and confirmations (QSL) between other users worldwide. Enthusiasts can use these logs of successful communication on LoTW towards operator awards.

In a Friday update, the ARRL took steps to allay members’ concerns about the security of their data, confirming that they do not store credit card information or collect social security numbers.

However, the organization confirmed that its member database contains some private information, including names, addresses, and call signs. While they do not specifically state email addresses are stored in the database, one is required to become a member of the organization.

It is unknown if the organization suffered a ransomware attack or another cybersecurity incident.

BleepingComputer contacted the ARRL with further questions, but a reply was not immediately received.

Source: www.bleepingcomputer.com