image
Sinclair Broadcast Group, which owns hundreds of local television stations across the U.S., confirmed Monday that it has suffered a ransomware attack. The incident is disrupting its advertising operations, among other things, and spread to many of its owned TV affiliates over the weekend, knocking local broadcast feeds off the air. The cyberattack disrupted the company’s general and office operations and resulted in data exfiltration, according to the media group’s statement to the Securities and Exchange Commission (SEC): “On October 16, 2021, the company identified and began to investigate and take steps to contain a potential security incident. On October 17, 2021, the company identified that certain servers and workstations in its environment were encrypted with ransomware, and that certain office and operational networks were disrupted.” Sinclair is “actively managing” the fallout from the attack, it said, after implementing its incident-response plan. “The forensic investigation remains ongoing,” it added, explaining that it’s dealing with continuing disruption, including problems with provisioning local commercials at its TV stations. “Modern ransomware actors have learned to target an organization’s critical business systems as these need to be back online quickly and one of the easiest ways is to pay the ransom to obtain the key to decrypt those systems,” Jon Clay, vice president of threat intelligence at Trend Micro, said via email. “In this situation, targeting…

Source