Recently in the North American country, incidents of this type were registered in gas and meat companies. Now the threat seems to reach the media. "We can only communicate through personal phones," said the employee of a channel.
At least two television stations dedicated to broadcasting news in the US have been victims of a cyberattack that has left them without a signal since Thursday. According to cybersecurity experts, it is "ransomware" or data hijacking, which affected the parent company of the channels.
Channels WFTV based in Florida and WPXI Pennsylvania, both affiliated with the chains ABC and NBC, respectively, owned by Cox Media Group, received express instructions from managers to turn off all computers and disconnect the phone companies from Thursday.
"We can only communicate with each other through personal phones and text messages," said a WFTV employee who asked not to be identified as he is not authorized to speak on behalf of the channel.
Until now, the two television channels could carry out local transmissions, but with some limitations in terms of their operability.
Allan Liska, an analyst at the cybersecurity company Recorded Future, said this incident is about a data hijacking by hackers holding channel files hostage to demand payment. He also assured that this is the most recent ransomware that has been registered in the United States.
"An 'IT incident' that spreads to multiple organizations in a company is almost always a ransomware attack," Liska said.
Brett Callow, a threat analyst at the cybersecurity company Emsisoft, agreed with Liska's assessment.
"The most likely cause of any incident involving widespread and unplanned IT disruption is ransomware or the detection of malware that can be used to implement ransomware," Callow said.
"The other things that could cause such a shutdown are much less likely," he added.
In Orlando, channel managers asked their employees on Thursday not to go to the channel's facilities, a request that was repeated this Friday. However, they did not report what was wrong with the computer networks.
They didn't tell us on social media why we weren't broadcast," the employee said. "We feel the need to inform our audience.
In Pennsylvania, IT network personnel had to shut down the television company's servers Thursday morning as a precaution, an employee said.
"Since then, we have been locked down," leaving staff unable to access internal emails and programs used for their transmissions, the employee said. "It's pretty paralyzing right now."
In recent years, schools, businesses, and even hospitals have been the constant victims of data hijacking by hackers in the United States. However, this scourge has recently become an emergency for the federal government after the attack on Colonial, the largest gas pipeline company in the country, which had to supply fuel for five days, causing severe shortages in the North American nation.
Last Sunday, a gang of computer hijackers attacked the world's largest meat supplier, JBS, forcing them to temporarily halt work at its US plants.
The vast majority of 'professional' ransomware gangs, including those responsible for the JBS and Colonial attacks, speak Russian and have several of their members in Russia, which could indicate that they can operate from that country with total impunity, for this reason, US President Joe Biden assured that he is "watching closely" the reprisals.
On Thursday, the Biden administration announced that it would begin treating ransomware attacks as a national security threat rather than simply a criminal attack, government sources said.
In a document distributed to federal prosecutors Thursday, Assistant Attorney General Lisa Monaco said the Department of Justice is raising its ransomware investigations to the same level as terrorism investigations, further stating that:
We need to improve and centralize the internal oversight of data hijacker groups and legal action against them.
We know that ransomware attacks and digital extortion schemes are often carried out by international national criminal elements, spanning geographical boundaries, and misleading online financial and digital infrastructure," the statement said. Thrive on use.