Cybercriminals started to attack media organizations

Jun 11, 2021 09:26 GMT  ·  By

According to two people familiar with the matter, Cox Media Group's television and radio stations in the US were the targets of a cyberattack last week, with some stations still suffering the consequences, says CNN.  

The sources did not specify whether it was a ransomware attack or another type of cyberattack, but the stations' systems were affected and their operations were disrupted.

According to one of the sources, federal law enforcement is investigating the attack.

Staff at two stations say several systems are still down this week, including access to their digital video collection. Weather computers were also down at least two stations.

Some station employees told CNN that their emails have yet to be restored and that they are working on solutions. Stations have asked their employees not to open the email on their phones. An employee at one station reported new problems on Wednesday, including faulty phone lines and broadcast software.

Cox Media Group and its parent business have not publicly commented on the attack, nor has an official statement from corporate been issued to employees.

The company owns and operates 33 television stations in 20 areas across the United States. Cox and Cox's parent company, Apollo Global Management, have not replied to CNN's repeated requests for comment.

Allan Liska of Recorded Future stated, “When internal systems are compromised, it is most likely due to ransomware". 

After concerns about a change in programming, Hulu announced on Twitter last week that there were some feed issues with one of the Cox channels.

Cyberattacks skyrocketed in the U.S. 

The attack comes as the United States has experienced a sharp increase in cyber breaches and ransomware attacks that have targeted a wide swath of American life - including food, gas, water, hospitals, and transportation - and have emerged as a key issue for the Biden administration to address in its first months.

The persistent threat was brought to light on Sunday by Energy Secretary Jennifer Granholm, who warned directly that the US power grid is particularly vulnerable to cyberattacks.

Among the recent ransomware attacks was one carried out by hackers against Colonial Pipeline, that resulted in the shutdown of the key East Coast pipeline last month, resulting in the criminal hackers receiving millions in cryptocurrency. The Justice Department announced on Monday that they had successfully recovered most of the ransom from the hackers.

Moscow has denied any involvement in the hack, that the FBI claims was carried out by a Russian criminal organization called DarkSide.

Last week, the White House, claimed that a cyberattack on JBS USA, one of the world's largest food companies, was carried out by a criminal group (REvil), believed to be based in Russia. Following the JBS attack, the US Cybersecurity and Infrastructure Security Agency (CISA) issued a warning that ransomware can harm any company in any sector of the economy.