Cybersecurity, Newspapers and Ransomware
Although print newspapers are having issues due to the online outlets, these are still present and noticeable throughout the communities and provide a valuable service. The newspapers have not been targeted over the last few years, as frequently as others. These organizations don’t have PII or PHI to the extent others, e.g. doctor’s officed or hospitals. These also don’t have a mass amount of money laying about. While there are other more viable targets, the newspapers certainly may have their systems focused on by the attackers.
Incident
When the attack was first noticed, the management termed the issue as a “glitch”. The attack ended up being detected on Saturday. Due to the attack, the organization was not able to print and deliver the Sunday paper. The attack itself was detected by the IT staff, as it affected the servers and computers had been breached by malware. This acted by encrypting the files. The malware also was infecting the systems for Tribune Publishing.
Ransomware
The paper was a victim of ransomware. The systems and data were encrypted. The attackers used the Ryuk ransomware. This particular version was largely successful in late 2018. Generally, the attack operates such that the files are encrypted, and a ransom is paid for the decrypt key.
Thoughts
Ransomware can be a real nightmare for the direct victims and indirect persons affected by the organization’s lack of operations. This has the ability to encrypt an entire system and data sets. If there are no viable back-ups in place, the situation has the unfortunate ability to be very interesting for the target. This highlights the need for a properly trained incident response team.
Resources
Hand, L. (2019, April 28). Watertown newspaper hacked, cannot print sunday edition. Retrieved from https://cnycentral.com/news/local/watertown-newspaper-hacked-cannot-print-sunday-editions
WWNY. (2019, April 28). Watertown times attacked by malware; Sunday paper not printed. Retrieved from https://www.wwnytv.com/story/40279959/watertown-times-attacked-by-malware-sunday-paper-not-printed
About the Author - Charles Parker, II has been working in the info sec field for over a decade, performing pen tests, vulnerability assessments, consulting with small- to medium-sized businesses to mitigate and remediate their issues, and preparing IT and info sec policies and procedures. Mr. Parker’s background includes work in the banking, medical, automotive, and staffing industries.Although print newspapers are having issues due to the online outlets, these are still present and noticeable throughout the communities and provide a valuable service. The newspapers have not been targeted over the last few years, as frequently as others. These organizations don’t have PII or PHI to the extent others, e.g. doctor’s officed or hospitals. These also don’t have a mass amount of money laying about. While there are other more viable targets, the newspapers certainly may have their systems focused on by the attackers. Incident When the attack was first noticed, the management termed the issue as a “glitch”. The attack ended up being detected on Saturday. Due to the attack, the organization was not able to print and deliver the Sunday paper. The attack itself was detected by the IT staff, as it affected the servers and computers had been breached by malware. This acted by encrypting the files. The malware also was infecting the systems for Tribune Publishing. Ransomware The paper was a victim of ransomware. The systems and data were encrypted. The attackers used the Ryuk ransomware. This particular version was largely successful in late 2018. Generally, the attack operates such that the files are encrypted, and a ransom is paid for the decrypt key. ThoughtsRansomware can be a real nightmare for the direct victims and indirect persons affected by the organization’s lack of operations. This has the ability to encrypt an entire system and data sets. If there are no viable back-ups in place, the situation has the unfortunate ability to be very interesting for the target. This highlights the need for a properly trained incident response team. ResourcesHand, L. (2019, April 28). Watertown newspaper hacked, cannot print sunday edition. Retrieved from https://cnycentral.com/news/local/watertown-newspaper-hacked-cannot-print-sunday-editions WWNY. (2019, April 28). Watertown times attacked by malware; Sunday paper not printed. Retrieved from https://www.wwnytv.com/story/40279959/watertown-times-attacked-by-malware-sunday-paper-not-printed About the Author - Charles Parker, II has been working in the info sec field for over a decade, performing pen tests, vulnerability assessments, consulting with small- to medium-sized businesses to mitigate and remediate their issues, and preparing IT and info sec policies and procedures. Mr. Parker’s background includes work in the banking, medical, automotive, and staffing industries.