Cybercrime , Fraud Management & Cybercrime , Malware as-a-Service

Cox Media Group Affiliates Go Offline

Ransomware Suspected as a Possible Reason for the Outage at Some Outlets
Cox Media Group Affiliates Go Offline

Cox Media Group's TV and radio affiliates' ability to livestream content was mostly offline Thursday evening, possibly due to an unspecified cyber incident, says the security firm Recorded Future.

See Also: Mitigating Identity Risks, Lateral Movement and Privilege Escalation

"We spent the evening after the initial report looking for Cox-affiliated stations and testing their livestreams. Every single Cox station we could find, the livestream was broken," says Allan Liska, a senior intelligence analyst at Recorded Future.

Liska did not identify an exact reason for the outage, but noted it has all the hallmarks of a ransomware attack.

"The attack has all the signs of a ransomware attack, but no one in Cox or [Apollo Global Management] leadership is talking. At this point, we can't confirm it is a ransomware attack, but again, it sure feels like one from all the external indicators," he says. Apollo own a majority stake in some Cox affiliates and stations.

NBC News is reporting that employees working at the Cox Media-owned ABC affiliate WFTV in Orlando, Florida, and NBC affiliate WPXI in Pittsburgh were told to shut down company-owned computers and phones.

An unnamed Cox employee tells The Record, which Recorded Future owns, that staffers at their affiliate were instructed to shut down and log out of all accounts to stop whatever was happening from spreading.

WFTV, WPXI and Cox Media Group have not responded to an Information Security Media Group request for additional information.

Cox operates more than 100 media outlets in 20 markets across the U.S.

Ransomware Rampage

Ransomware gangs have been on the offensive over the past several weeks with the fuel distribution firm Colonial Pipeline Co., meat processor JBS and Fujifilm all being victimized.

The spate of attacks has spurred the federal government to take action, with Anne Neuberger, deputy assistant to the president and deputy national security adviser for cyber and emerging technology, sending an open letter to U.S. business leaders asking them to take ransomware seriously and prepare to defend their organizations.

"The private sector also has a critical responsibility to protect against these threats. All organizations must recognize that no company is safe from being targeted by ransomware, regardless of size or location. But there are immediate steps you can take to protect yourself, as well as your customers and the broader economy," Neuberger wrote.


About the Author

Doug Olenick

Doug Olenick

Former News Editor, ISMG

Olenick has covered the cybersecurity and computer technology sectors for more than 25 years. Prior to his stint as ISMG as news editor, Olenick was online editor for SC Media, where he covered every aspect of the cybersecurity industry and managed the brand's online presence. Earlier, he worked at TWICE - This Week in Consumer Electronics - for 15 years. He also has contributed to Forbes.com, TheStreet and Mainstreet.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.