Sinclair Broadcast Group hit with ransomware
Sinclair Broadcast Group, which operates dozens of TV stations across the U.S., said Monday that some of its servers and work stations were encrypted with ransomware and that some of its data was stolen from the company's network.
The company said in a regulatory filing it started investigating the potential security incident on Saturday and on Sunday it and found that certain office and operational networks were disrupted.
The Hunt Valley, Maryland-based company owns and/or operates 21 regional sports network and owns, operates and/or provides services to 185 television stations in 86 markets.
The broadcast group, which is known for pushing a conservative viewpoint through editorials and reports that it compels its stations to run, did not immediately say how many TV stations were directly affected.
Nashville, Tennessee's WZTV put out a notice on its website Monday about "serious technical issues" at the TV station affecting its ability to stream content.
"We are also currently unable to access our email and your phone calls to the station," it said.
Sinclair said it's taken measures to contain the incident and that its forensic investigation is ongoing. However, the company said that the data breach has caused – and may continue to cause – disruption to parts of its business, including certain aspects of local advertisements by local broadcast stations on behalf of its customers. The company said that it is working diligently to restore operations quickly and securely.
Sinclair said it currently can't determine whether or not the data breach will have a material impact on its business, operations or financial results. No ransomware groups immediately took credit for the incident.
"While the company is focused on actively managing this security event, the event has caused — and may continue to cause — disruption to parts of the company's business, including certain aspects of its provision of local advertisements by its local broadcast stations on behalf of its customers," Sinclair said in the filing.
Sinclair shares declined about 3.3% in afternoon trading.
Ransomware attacks, in which cybercriminals encrypt an organization's data and then demand payment to unscramble it, are a growing scourge in the U.S. The Biden administration has pledged to disrupt and prosecute criminal networks like the one that attacked a major U.S. pipeline company in May. The attack on Colonial Pipeline, which led to gas shortages along the East Coast, was attributed to a Russia-based gang of cybercriminals.
Several media outlets have been hit by ransomware attacks in recent years. Cox Media Group, a major media conglomerate, said recently it was the target of a ransomware attack earlier this year. And a ransomware attack briefly knocked the Weather Channel off air in 2019
Attacks also crippling hospitals, schools
Ransomware payments reached more than $400 million globally in 2020 and topped $81 million in the first quarter of 2021, according to the U.S. government.
Another group of criminals, dubbed "FIN 12," have also launched ransomware attacks against hospitals and other health care organizations, according to a recent report by cybersecurity firm Mandiant.
The Ponemon Institute, an independent research group that helps hospitals identify and eliminate patient safety risks, surveyed over 500 health care delivery organizations. Nearly a quarter of those impacted by ransomware attacks on patients told researchers the result was deadly.
In another recent incident, Howard University in Washington, D.C., had to cancel classes last month after being hit by ransomware.