Media Group Sinclair Broadcasting Experiences Ransomware Intrusion

In a series of cyberattacks, two major media companies, Sinclair Broadcast Group and Cox Media, have been targeted by the hacking group Evil Corp.

The attack on Sinclair Broadcast Group, which was confirmed on October 21, 2021, affected several local news broadcasts and internal office functions. The company engaged an outside cyber forensics team, legal counsel, and other professionals to investigate the attack. It is currently unknown whether this attack will have a material impact on Sinclair's business, operations, or financial results.

The ransomware attack on Sinclair is linked to the WastedLocker strain, which is also connected to the attack on Olympus that began on October 10. Evil Corp, a sanctioned hacking organization, is believed to be behind both attacks. They used the Macaw malware variant to access Sinclair's network, encrypting workstations and servers inside the company.

Sinclair is working to securely restore operations after the attack. However, data was stolen in connection with the attack, and the company is currently trying to determine what information was removed. The company notified law enforcement and other government agencies about the attack but did not provide details about a potential ransom demand or the attacker's identity.

Television news is a highly sought-after target of ransomware groups. Ransomware attacks on such organizations can impact the provision of local advertisements, potentially causing disruptions in revenue streams.

Cox Media, another victim of a recent cyberattack, was affected earlier in October. The attack on Cox Media tried to remove a copy of data from its network, but it created a backup copy of data from its computer networks, preventing a complete data loss. Cox Media retained outside cyber experts to investigate the attack.

The rise in ransomware attacks on media companies underscores the importance of robust cybersecurity measures. Companies must be proactive in protecting their networks and data to prevent such attacks and minimise their impact.

A spokesperson for Olympus, another company linked to the Evil Corp attack, declined to comment on the actions of criminal actors but assured that they are committed to providing appropriate notifications to impacted stakeholders.

As the investigation into these attacks continues, both Sinclair and Cox Media, along with other affected companies, will need to prioritise their cybersecurity to protect their operations and the trust of their audiences.