Tuesday, June 8, 2021

Cyberattack Remains Troublesome For Cox Media Group


At least three Cox Media Group TV news stations and several radio stations were completely offline since Thursday in what cybersecurity experts say appears to be a ransomware attack on their parent company, reports NBC News.

ABC affiliates WFTV in Orlando, Florida, and WSOC in Charlotte, North Carolina, as well as NBC affiliate WPXI in Pittsburgh, all of which are both owned by the Cox Media Group, were told Thursday by managers to shut down company computers and phones.

"We are only able to communicate with each other over personal phones and text messages," said a WFTV employee who wasn't authorized to speak for the company and requested not to be named.

So far stations have been able to still put together local broadcasts, but have been limited in what they can do. Cox didn't reply to requests for comment. But the event appeared to be the latest U.S. incident of ransomware, where hackers will infect a network and hold its files hostage while demanding payment, said Allan Liska, an analyst at the cybersecurity company Recorded Future.

“An ‘IT incident’ that spans multiple organizations in a company is almost always a ransomware attack,” Liska said.

Brett Callow, a threat analyst at the cybersecurity company Emsisoft, agreed.

“The most likely cause by far of any incident that involves unplanned and widespread IT disruption is ransomware or the detection of malware that can be used to deploy ransomware,” Callow said. “Basically, the other things which could potentially cause such a shutdown are far less likely.”

Multiple country music radio stations owned by the CMG were also affected by the ransomware attack that occurred on Thursday.  The country radio station affected in the attack include:

  • WWKA 92.3 – Orlando, FL
  • WNGC 106.1 – Athens, GA
  • KWEN 95.5 – Tulsa, OK
  • WHKO 99.1 – Dayton, OH
  • KKBQ 92.9 – Houston/Galveston, TX
  • KTHT 97.1 – Houston/Galveston, TX (Classic country)
  • KKYX 680 AM – San Antonio, TX (Classic country)
  • KCYY 100.3 – San Antonio, TX
Audio streaming is reportedly down at many, but not all, of the company’s radio stations, with access from Audacy inactive. 

Media companies have been an enticing target for hackers trying to get past digital firewalls and set off ransomware attacks that hold company computers hostage until money is paid – or the attack can be fended off. InsideRadio reports Salem Media Group disclosed last August that a ransomware attack had infiltrated some of its operational and information technology systems. A 2019 attack on Urban One cost the company more than $1 million. And Entercom (now Audacy) was attacked in September 2019 when hackers broke into its email servers and demanded $500,000 in ransom. That malware attack temporarily disrupted business operations but did not have a big impact on operating results. Even so, Entercom told its investors in its annual report that “there can be no assurance of a similar result in the future” adding, “cybersecurity breaches may increase our costs and cause losses.”

No comments:

Post a Comment