The ransomware gang 8Base might have been responsible for an attack on the Atlantic States Marine Fisheries Commission (ASMFC) in the United States, that caused to go down temporarily.
This development has raised concerns given the ASMFC's pivotal role in overseeing fisheries along the Atlantic seaboard after the U.S. Atlantic States Marine Fisheries Commission's email system was temporarily down.
Established 80 years ago, the fishery organization
states on its site that its mission is 'to promote the better utilization of the fisheries, marine, shell and anadromous, of the Atlantic seaboard by the development of a joint program for the promotion and protection of such fisheries, and by the prevention of physical waste of the fisheries from any cause.'
The 8Base ransomware group claimed the organization as a victim in its leak site and claimed to have stolen several pieces of critical
data. However, the authenticity of these claims is still in question, given the corporation has not shared any update regarding any
cyberattack or intrusion.
Atlantic States Marine Fisheries Commission: Officials were Given a Four-Day Deadline
[caption id="attachment_63831" align="alignnone" width="683"]
Source: Shutterstock[/caption]
On April 15th, the 8Base ransomware group asserted on its official leak site that it had obtained information such as personal data, invoices, receipts, accounting documents and certificates. The group gave the organization a deadline of four days to pay the ransom, warning that if the ransom was not paid by April 19th, they would release the data.
Of particular concern is the extent of the alleged data breach due to the nature of the data stored on the ASMFC's website, which includes confidential information on fishery management, nearshore fish species, habitat conservation efforts and law enforcement initiatives.
For a while, the commission's official website
displayed a notice instructing users to use a different address and phone number temporarily while its official services remained down. While it's email services seem to have been restored as the notice is no longer displayed, it is uncertain if the disruption was due to the alleged attack, a routine maintenance effort, or otherwise.
[caption id="attachment_63860" align="alignnone" width="2696"]
Source: Archived copy of the official site(asmfc.org) displaying earlier notice.[/caption]
The Cyber Express reached out to the ASMFC for further details and confirmation regarding the ransomware gang's claims, but have not received a response yet at the time of working on this report.
8Base Ransomware Group Shares Similarity with Other Groups
The ransomware group, which claimed this cyberattack, has been a notorious threat actor on the
dark web, sharing similarities with other threat actors of equal prowess.
Last year in 2023, researchers
from VMware reported that they had discovered significant similarities between the operations of both 8Base and RansomHouse. These similarities included a 99% similarity match in ransom notes between the groups, and other similarities in the verbiage of the two groups in the leak site on the welcome page, terms of service page and FAQ page.
Other similarities
were also noted between 8Base and the Phobos threat actor group, raising questions about the relationships between these groups and the scale of collaboration or independence. Moreover, what seems like a possible cyberattack in the case of the Atlantic States Marine Fisheries Commission (ASMFC), the water industry saw many cyberattacks in 2023.
In September 2023, another joint body water association between the U.S. and Canada, the International Joint Commission
was been hacked by NoEscape. The group had stolen and encrypted similar confidential data including contracts, legal documents, personal details of employees and members, and financial and insurance information.
These incidents highlight the need for robust measures within organizations responsible for managing vital resources and essential sectors.
Media Disclaimer: This report is based on internal and external research obtained through various means. The information provided is for reference purposes only, and users bear full responsibility for their reliance on it. The Cyber Express assumes no liability for the accuracy or consequences of using this information.