Atlantic States Marine Fisheries Commission Outage

ransomware gang claims access to confidential data stolen in alleged attack.

by Alan Joseph April 19, 2024 in Cybersecurity News, Firewall Daily, Hacker Claims Reading Time: 3 mins read 0

585 SHARES 3.3k VIEWS Share on LinkedInShare on Twitter

The ransomware gang 8Base might have been responsible for an attack on the Marine Fisheries Commission (ASMFC) in the United States, that caused to go down temporarily.

This development has raised concerns given the ASMFC's pivotal role in overseeing fisheries along the Atlantic seaboard after the U.S. Atlantic States Marine Fisheries Commission's email system was temporarily down.

Established 80 years ago, the fishery organization states on its site that its mission is ‘to promote the better utilization of the fisheries, marine, shell and anadromous, of the Atlantic seaboard by the development of a joint program for the promotion and protection of such fisheries, and by the prevention of physical waste of the fisheries from any cause.'

The 8Base ransomware group claimed the organization as a victim in its leak site and claimed to have stolen several pieces of critical data. However, the authenticity of these claims is still in question, given the corporation has not shared any update regarding any cyberattack or intrusion.

Atlantic States Marine Fisheries Commission: Officials were Given a Four-Day Deadline

Source: Shutterstock

On April 15th, the 8Base ransomware group asserted on its official leak site that it had obtained information such as personal data, invoices, receipts, accounting documents and certificates. The group gave the organization a deadline of four days to pay the ransom, warning that if the ransom was not paid by April 19th, they would release the data.

Of particular concern is the extent of the alleged data breach due to the nature of the data stored on the ASMFC's website, which includes confidential information on fishery management, nearshore fish species, habitat conservation efforts and law enforcement initiatives.

For a while, the commission's official website displayed a notice instructing users to use a different address and phone number temporarily while its official services remained down. While it's email services seem to have been restored as the notice is no longer displayed, it is uncertain if the disruption was due to the alleged attack, a routine maintenance effort, or otherwise.

Source: Archived copy of the official site(asmfc.org) displaying earlier notice.

The Cyber Express reached out to the ASMFC for further details and confirmation regarding the ransomware gang's claims, but have not received a response yet at the time of working on this report.

8Base Ransomware Group Shares Similarity with Other Groups

The ransomware group, which claimed this cyberattack, has been a notorious threat actor on the dark web, sharing similarities with other threat actors of equal prowess.

Last year in 2023, researchers from VMware reported that they had discovered significant similarities between the operations of both 8Base and RansomHouse. These similarities included a 99% similarity match in ransom notes between the groups, and other similarities in the verbiage of the two groups in the leak site on the welcome page, terms of service page and FAQ page.

Other similarities were also noted between 8Base and the Phobos threat actor group, raising questions about the relationships between these groups and the scale of collaboration or independence. Moreover, what seems like a possible cyberattack in the case of the Atlantic States Marine Fisheries Commission (ASMFC), the water industry saw many cyberattacks in 2023.

In September 2023, another joint body water association between the U.S. and Canada, the International Joint Commission was been hacked by NoEscape. The group had stolen and encrypted similar confidential data including contracts, legal documents, personal details of employees and members, and financial and insurance information.

These incidents highlight the need for robust measures within organizations responsible for managing vital resources and essential sectors.


Leave a Reply

Your email address will not be published. Required fields are marked *

Back to top button