Sinclair Broadcasting Group Pwned By Ransomware

Another day, another company pwned. This time it is the largest TV station operator in the U.S. Sinclair Broadcasting Group has been pwned via a ransomware attack this weekend:

“[T]he event has caused — and may continue to cause — disruption to parts of the company’s business, including certain aspects of its provision of local advertisements by its local broadcast stations on behalf of its customers,” the company said in a press release posted to the Securities and Exchange Commission website. 

Sinclair began investigating the incident on Saturday, and on Sunday identified “certain servers and workstations in its environment were encrypted with ransomware,” the statement said.

The unidentified hackers also stole data from Sinclair’s network; the company said it was working to determine what information was taken. Sinclair said it had notified law enforcement and US government agencies, and that it was working to “restore operations quickly and securely.”

Well, that’s not a good look for Sinclair. Justin Fier, Director of Cyber Intelligence and Analytics, Darktrace had this to say:

“As shown by the attack on the Sinclair Broadcast Group, holidays or weekends are prime periods for attackers to launch these kinds of attacks. We see ransomware attacks rising across all industry sectors but for broadcasters and media these attacks don’t only disrupt operations but potentially give bad actors a platform to distribute disinformation on a global stage. Often, attackers will use noisy attacks like ransomware to distract security personnel while they conduct more sophisticated, subtle attacks in the background. In the case of the Sinclair breach, simply having access to thebroadcast network may itself be more valuable for attackers than a ransomware payment. 

Despite recent attempts from policy makers – from US sanctions against crypto exchanges to the Europol takedown of ransomware operators in the Ukraine – ransomware is still going strong. The reality is that organization’s backs are against the wall – it is clear that the security team at Sinclair have been caught off guard and outpaced and now must decide between system downtime or paying a hefty ransom. Organizations need a third way out and the only way they can achieve that is by having machines fight back against threats before they are left asking “to pay or not to pay?”.”

Seeing as Sinclair stock is down 4% on the news, it illustrates that the damage from an attack like this goes beyond trying to get back online. Thus making Mr. Fier’s advice even more important.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: