Contents:
Cox Media Group’s television and radio stations across the U.S. were hit by a cyberattack last week, with some stations still recovering from the impact, CNN reports.
The systems used by the stations were impacted and station operations were disrupted. Several systems are still down, including access to the digital video library. Weather computers were also not working for at least two stations.
The attack was first reported by Recorded Future, with others news outlets quickly confirming CMG feeds were being disrupted.
Employees told CNN that they haven’t recovered access to their emails yet and are still working on workarounds. Stations have asked staff not to open the email on their phones.
According to a Cox employee,
This morning we were told to shut down everything and log out our emails to ensure nothing spread. According to my friends at affiliate stations, we shut things down in time to be safe and should be back up and running soon.
Founded in December 2008 by Cox Enterprises, Cox Media Group provides broadcasting, publishing, direct marketing, and digital media services. The Company operates daily and non-daily newspapers, television stations, local cable channels, and AM and FM radio stations.
So far, nothing indicates that the incident is a ransomware attack, as nothing has been posted on ransomware extortion sites and there were no claims of responsibility.
However, the attack comes as the US sees a sharp increase in security breaches and ransomware attacks that have targeted a wide variety of sectors including food, gas, water, hospitals, and transport. These incidents have become a priority for the Biden administration to confront during its early months.
Heimdal™ Ransomware Encryption Protection
- Blocks any unauthorized encryption attempts;
- Detects ransomware regardless of signature;
- Universal compatibility with any cybersecurity solution;
- Full audit trail with stunning graphics;
Wave of Ransomware Attacks Forces Strict Measures
Last week, JBS Foods, the world’s largest meatpacking organization, was forced to shut down production at several sites all over the world following a cyberattack that affected its production facilities, including those from the United States, Australia, and Canada.
Following the incident, the FBI released a statement, attributing the attack to REvil Ransomware operation.
A month ago, Colonial Pipeline, the largest fuel pipeline operator in the U.S., was forced to shut down after being hit by ransomware in a clear demonstration of the vulnerability of energy infrastructure to this type of cyberattacks. The company paid the DarkSide Ransomware group nearly $5 million in cryptocurrency in return for a decryption key to restore its systems. Since the tool was too slow, the pipeline operator used its backups to restore the systems.
In the wake of numerous ransomware attacks and mounting damage caused by threat actors, the U.S. Department of Justice is elevating investigations of ransomware attacks to a similar priority as terrorism.
The Cox Media Group attack is currently being investigated by federal law enforcement.