Sinclair Broadcast Group, which owns and runs dozens of television stations across the United States, announced on Monday that ransomware had encrypted some of its servers and workstations, and that data had been stolen from its network.
According to the corporation, it began investigating on Saturday and discovered that portions of its office and operational networks had been interrupted on Sunday. The broadcasting company did not indicate how many TV stations were directly affected right away.
The Hunt Valley, Maryland-based corporation owns or controls 21 regional sports networks, as well as 185 television stations in 86 locations that it owns, operates, or provides services to.
On Monday afternoon, WNWO in Toledo, Ohio, appeared to be off the air. “Our operations are now limited,” the station said on Facebook. We’ll keep you updated as more information becomes available.”
WJLA, a Sinclair-owned ABC affiliate in Washington, began its 4 p.m. newscast by informing viewers that the station had been hacked and that its computers and video servers were down. WZTV in Nashville, Tennessee, posted a message on its website on Monday about “severe technical challenges” at the station that are preventing it from streaming content.
“We are also unable to access our email and your calls to the station at this time,” it added.
Sinclair said it has taken steps to minimise the compromise and is continuing its investigation. However, it stated that the data theft has caused — and may continue to cause — disruption to certain components of its business, including local broadcast station marketing. The company stated that it is striving to get back up and running.
Sinclair stated that it is unable to predict if the data breach will have a material impact on its business, operations, or financial performance.
In the United States, ransomware attacks, in which cyber criminals encrypt an organization’s data and then demand payment to decrypt it, are becoming more common. The Biden administration has promised to destroy and prosecute criminal networks like the one that attacked a major pipeline firm in the United States in May. A cybercriminal ring based in Russia was blamed for the attack on Colonial Pipeline, which resulted in gas shortages along the East Coast.
According to the US government, ransomware payments topped $400 million globally in 2020 and $81 million in the first quarter of 2021.
The hackers behind the ransomware attack on Sinclair might have gotten into the company’s system a long time ago, according to Crane Hassold, director of threat intelligence at Abnormal Security.
“With many ransomware assaults these days, the initial access that triggers the attack usually happens weeks, if not months in advance,” he explained.
In recent years, ransomware attacks have targeted a number of media outlets. A ransomware attack on Cox Media Group, a major media conglomerate, occurred earlier this year, according to the company. In 2019, the Weather Channel was briefly taken offline due to a ransomware attack.
Sinclair’s stock dropped 80 cents, or approximately 3%, to settle at $26.39 on Monday.