Had to replace the tranny they booted from the board.

The reality is, even if operated and managed on site, it is a never ending cost of new equipment and new software and people that know what they are doing and keep up with the constantly changing threat environment. Decoy networks and Honeypots ( or whatever they are called now ) are expensive and must be run by  competent people that not only know what they are doing but actually give a shit and are numerous enough to be able to be on call 24 / 7 to respond quickly and know how to solve new problems real time.

Just because something is a cloud service doesn't mean they are any good at it unless you go with the major player.

I don't know anything about this other that what I have been told by someone that has done some of this, but the never ending problem is companies independent  and cloud service alike, trying to cut corners, save money and hire less than ideal people that don't really know what they are doing but their fraudulent resume looks good on paper, I am looking at you Indian ( dot ) H1Bs. And then once an Indian ( dot ) gets into higher management, they almost exclusively populate people below them with Indians ( dot ) .

Like most things, you get what you pay for and the incentive to save money results in compromised networks, eventually.

The Internet and computers in general were a massive mistake, fuck Bill Gates, Paul Allen and Al Gore

some progress

I called and now there phones are working

some nice lady promptly answered

she said they were working on LOTW and it would be up “hopefully soon, keep checking the ARRL site for updates “

Any day now.

My guess is someone got pissed off about their recent virtue signaling incident.

Get woke, go broke.

Looking at the ARRL org. chart, as of Jan 2024 they had no director of IT. That might also have something to do with their difficulties.

Attached File

Yesterday's update. That makes two in a row that don't mention LotW.

Updated 5/31/2024

Our phone system has been returned to service. ARRL may be reached at 1-860-594-0200 or 1-888-277-5289 (toll-free in the US), Monday through Thursday from 8 AM to 7 PM Eastern Time, and until 5 PM on Fridays. Members can also email general inquiries to [email protected].

The ARRL International Digital Contest is this weekend, June 1 - 2, 2024, and the ARRL June VHF Contest is June 8 - 10, 2024. The ARRL Contest Portal will be available with limited functionality at contests.arrl.org. Log submission pages will continue to be available at contest-log-submission.arrl.org, and logs received can be viewed at contests.arrl.org/logsreceived.php. The log submission links are also available on the contest landing pages at www.arrl.org/arrl-digital-contest and www.arrl.org/june-vhf.

Members are reminded that the June 2024 issue of QST magazine, the special ARRL Field Day edition, can be viewed online. Members may also access digital editions of QST dating back to 2012. Access to archives for QST issues older than 2012, which are accessed through the ARRL website, is not presently available. For On the Air, QEX, and NCJ magazines, members may access the current issues and previous issues back to 2020. Visit www.arrl.org/arrl-magazines for links to all four magazines and to download the ARRL Magazines app.

Work is continuing to publish the July 2024 issue of QST magazine. We anticipate an on-time delivery of the digital edition, and delayed delivery for those who subscribe to the printed magazine.

We have heard from members asking if they can renew their membership at this time. Members can renew online at www.arrl.org/join or by phoning ARRL.

As reported earlier this week, ARRL Store orders (www.arrl.org/shop) have resumed shipping.

Hold onto your hats! Actual information!!!

06/04/2024
Updated 6/4/2024

On or around May 12, 2024, ARRL was the victim of a sophisticated network attack by a malicious international cyber group. ARRL immediately involved the FBI and engaged with third party experts to investigate.

This serious incident was extensive and categorized by the FBI as “unique,” compromising network devices, servers, cloud-based systems, and PCs.

ARRL management quickly established an incident response team. This has led to an extensive effort to contain and remediate the networks, restore servers, and staff are beginning the testing of applications and interfaces to ensure proper operation.

Thank you for your patience and understanding as our staff continue to work through this with an outstanding team of experts to restore full functionality to our systems and services.

We will continue to update members as advised and to the extent we are able.

This story will be updated with new developments.

Attached File

06/04/2024
Updated 6/4/2024

On or around May 12, 2024, ARRL was the victim of a sophisticated network attack by a malicious international cyber group. ARRL immediately involved the FBI and engaged with third party experts to investigate.

This serious incident was extensive and categorized by the FBI as “unique,” compromising network devices, servers, cloud-based systems, and PCs.

ARRL management quickly established an incident response team. This has led to an extensive effort to contain and remediate the networks, restore servers, and staff are beginning the testing of applications and interfaces to ensure proper operation.

Thank you for your patience and understanding as our staff continue to work through this with an outstanding team of experts to restore full functionality to our systems and services.

We will continue to update members as advised and to the extent we are able.

This story will be updated with new developments.

Attached File


ID10T errors undoubtedly.  

I hope this incident response team included orange vests and HTs!

https://worldradioleague.com/

Attached File

*opps wrong thread

*opps wrong thread

In my professional experience its probably a bunch of just over 20 somethings that smell vaguely of pot and can manage to figure shit out that makes no sense while ripping on each other the whole time.

Compliments of Larry on the ARFCOM DMR TG,

Attached File

I think they’re GONNA MAKE IT

Not great, not terrible…

MEMBER BULLETIN

June 6, 2024

Dear ARRL member,

We are writing to inform you of a serious incident that has impacted ARRL’s operations. On or around May 12, 2024, ARRL was the victim of a sophisticated network attack by a malicious international cyber group. We immediately involved the FBI and engaged with third party experts to investigate.

On May 16, on the eve of the ARRL National Convention in Ohio, we posted a notice on our website to inform members about the incident. Since then, we have made substantial progress to mitigate the impact of this attack on our organization. We have been posting regular updates, including the status of restored services. Please refer to our dedicated news post at https://www.arrl.org/news/arrl-systems-service-disruption.

We are aware that certain members believe we should be openly communicating everything associated with this incident. We are working with industry experts, including cyber crime attorneys and the authorities, who have directed us to be conservative and cautious with our communications while restoring the ARRL network.

Many of our services and programs have been impacted by this attack. We have been diligently assessing each system to ascertain the extent of compromise. For example, while the Logbook of The World® server and related user data were unaffected, we have taken the precautionary measure of keeping the service offline until we can ensure the security and integrity of our networks. Similarly, access to Online DXCC is unavailable, although individual award data remains secure.

Fortunately, some of our key systems, such as the ARRL website and our association membership system, were unaffected. Despite the severity of the attack, no personal information was compromised. Additionally, ARRL does not store credit card information anywhere on our systems, and we do not collect social security numbers.

Our Directors have heard from some members who are concerned about managing their membership renewals. Members can renew online at www.arrl.org/join or by phoning ARRL.

We understand the frustration and inconvenience this incident has caused, and we sincerely appreciate your patience and understanding as our dedicated staff and partners continue to work tirelessly to restore affected systems and services.

Thank you for your ongoing support.

Actually a pretty good description.

Their communication has been piss poor. Whoever makes the communication decisions over there is a moron.

Attached File

So LOTW was unaffected by the so called attack.

But they took it offline until they can ensure the security of the networks?

That is like an airline having an accident and stopping all operations until they can ensure there will be no more accidents. They can never ensure that, so I guess the airline will never fly again. We used to say the best way to be perfectly safe is to not fly at all.

That statement makes no sense. LOTW was unaffected by the attack so they took it offline in case there is a better attack later? 1 month later, still offline.

I think there is still more to this story than they are telling.

Maybe they should fill that Director of IT job.

It is probably the Director of IT's job.

"unique" is ... a choice word.
I wonder what it means.

when FBI nerds meet sad hams

ROFLMAO!

I had a client once that called in thinking he was breached, sent it along and got everything set up. Turns out he couldn't operate his business because he cut his network connection when he heard of a breach on the news... he was never breached.

People

I would be happy if the ARRL said something like "we are continuing to work towards bringing LoTW back online".  Hiding behind lawyers and the FBI doesn't inspire me with much confidence.

Ha! a good afternoon chuckle.

I would hound you on the DMR for a new keyboard after I spit my tea up all over it with that picture you posted, but since you are the TG admin I do not want to get banned!

They can say :

1. We have no idea what we are doing after a month.
2. We have Top Men working on it.

Answer:  Top Men.

Agree.  Also, why give your enemy an accurate battle damage assessment while you're repairing things?

I'm irritated by the ARRL for billing their main product as the Logbook of the World.  That's a pretty lofty goal, and with it comes a high level of responsibility.  Instead of recruiting a tranny as "Outreach Manager," they should have been hiring a Director of IT who could have steered them away from being this vulnerable to cyber attacks.

anybody know what happened to Steven Berry, the Director of IT they hired in 2022?

Former ARRL Director Ria Jairam, N2RJ alluded to the fact the he left the ARRL due to some kind of conflict with the CEO.

I will see if I can find her Facebook post about ongoing drama at the ARRL.

He was 55 years old and had already sold two companies. He lives in New Hampshire. He was probably working remotely and considered this a "retirement gig". If that is, in fact, the case, then it would not have taken very much conflict for him to quit. It's easy to postulate that he found a lot of things lacking in their IT infrastructure and strategy and walked when they wouldn't provide the funding to fix it.

I detest the current fashion of taking anything lawyers say as gospel. I have no problem with lawyers in general, but they are not gods whose every word must be worshipped.

Secondly, there are a million ways to inform membership and LotW users about the status and progress of things without giving any useful (to the bad guys) information at all. It is completely ridiculous to suggest that anything said helps the hackers. That is total BS.

Have only watched the first bit so far...

Jon Bloom, ex-KE3Z
Jun 11   #40857  
Despite ARRL's statements that LoTW and DXCC data are safe, it seems that some users are concerned that this may not be the case due to the time that it is taking to restore service.

Perhaps it will ease some minds if I tell you that I know for certain that these data are safe. I know this because I personally assisted ARRL staff to get these data backed up to locations and systems that are in no way connected to ARRL's HQ or cloud systems. The LoTW data, for example, exists in multiple physical locations and cloud backup services. Such is also the case for the LoTW source code. In addition, I imported the LoTW data backup into a separate, new test database system to verify it. This took several days since the database is about 3 terabytes in size. (It's a LOT of data!)

Getting the systems themselves back on-line is another matter, and I have no information to share about that as I'm not involved in the ongoing process of restoring them. ARRL has apparently made the decision, wisely in my view, not to bring any affected systems back into service until all parts of them can be vetted and secured. But the data itself is safe, and LoTW will definitely be back at some point.

-- Jon

Hope this info is legit.

Jon Bloom was the ARRL Information Technology Manager and retired back in 2011.  

Longtime HQ Staffer Jon Bloom, KE3Z, Leaves ARRL

Day 31

so it was backed up as of 2011.

Excerpt from ARRL update today:

Day 31

They meant on a geological timescale...