If you were watching your local news station on Sunday and it suddenly cut out, it wasn't because you accidentally bumped the remote or your TV stopped working.
It was because of ransomware.
Sinclair Broadcasting Group, one of the largest broadcasting companies in the United States, announced it fell victim to a ransomware attack that disrupted the company's operations.
Some employees took to Twitter to share what it was like to experience the incident in real time. Two reporters for a local Indiana news station shared this:
Many people who have experienced a cybersecurity related incident where you are unable to do your job can relate to these two.
Sinclair broadcasting victim to ransomware
Sinclair owns or operates 186 television stations in 86 U.S. markets and is on over 600 channels, so a corporate-wide problem related to cybersecurity could be quite serious.
After learning of the incident, the company acted swiftly and appropriately to mitigate the ransomware situation. Here is part of the official statement from Sinclair:
"On October 16, 2021, the Company identified and began to investigate and take steps to contain a potential security incident. On October 17, 2021, the Company identified that certain servers and workstations in its environment were encrypted with ransomware, and that certain office and operational networks were disrupted. Data also was taken from the Company's network. The Company is working to determine what information the data contained and will take other actions as appropriate based on its review.
Promptly upon detection of the security event, senior management was notified, and the Company implemented its incident response plan, took measures to contain the incident, and launched an investigation. Legal counsel, a cybersecurity forensic firm, and other incident response professionals were engaged. The Company also notified law enforcement and other governmental agencies. The forensic investigation remains ongoing."
Sinclair says this incident has caused and may continue to cause disruption to local broadcast stations, but has not yet determined if there will be a material impact on its business, operations, or financial results.
It will also use this incident as an opportunity to improve existing cybersecurity measures, the company said.
[RELATED] Don't miss any of SecureWorld's upcoming Remote Sessions webcasts covering ransomware and other cybersecurity topics.