A cyber-attack into one of United States’ biggest media groups, the Tribune Publishing, caused major printing and delivery disruptions for several major US newspapers over the weekend. This cyber attack affected the printing centers operated by the publishing firm and also its former property, the Los Angeles Times.
The attack that took place on Saturday seemed to have originated from outside the United States, according to the Los Angeles Times report. This led to the distribution delays in the Saturday edition of the Times, the Tribune, the Sun and other newspapers that share a production platform in Los Angeles.
According to The New York Times, “a news article in The Los Angeles Times, and one outside computer expert said the attack shared characteristics with a form of ransomware called Ryuk, which was used to target a North Carolina water utility in October and other critical infrastructure.”
According to The Los Angeles Times report, “The Times and the San Diego paper became aware of the problem near midnight on Thursday. Programmers worked to isolate the bug, which Tribune Publishing identified as a malware attack, but at every turn, the programmers ran into additional issues trying to access a myriad of files, including advertisements that needed to be added to the pages or paid obituaries.”
“After identifying the server outage as a virus, technology teams made progress on Friday quarantining it and bringing back servers, but some of their security patches didn’t hold and the virus began to reinfect the network, impacting a series of servers used for news production and manufacturing processes”, the report added.
By late Friday, the attack was hindering the transmission of pages from offices across Southern California to printing presses as publication deadlines approached.
Tribune Publishing said in a statement on Saturday, “the personal data of our subscribers, online users, and advertising clients have not been compromised. We apologize for any inconvenience and thank our readers and advertising partners for their patience as we investigate the situation.”
It was unclear whether company officials have been in contact with law enforcement regarding the suspected attack. Katie Waldman, a spokeswoman for the Department of Homeland Security, said “we are aware of reports of a potential cyber incident affecting several news outlets, and are working with our government and industry partners to better understand the situation”, the Los Angeles Times reported.
Pam Dixon, executive director of the World Privacy Forum, a nonprofit public interest research group, said, “usually when someone tries to disrupt a significant digital resource like a newspaper, you’re looking at an experienced and sophisticated hacker”. She added that the holidays are “a well known time for mischief” by digital troublemakers because organizations are more thinly staffed.
Read more about this news on The Los Angeles Times’ complete report.
*** This is a Security Bloggers Network syndicated blog from Security News – Packt Hub authored by Savia Lobo. Read the original post at: https://hub.packtpub.com/a-ransomware-attack-causes-printing-and-delivery-disruptions-for-several-major-us-newspapers/