Major US newspapers crippled by Ryuk ransomware attack
All Tribune Publishing newspapers, as well as US-printed newspapers formerly part of Tribune, were hit with a cyber attack involving Ryuk ransomware.
The malware was discovered and later quarantined on Friday, but the security patches failed to hold when the servers were brought back online and the ransomware began to re-infect the network and impact servers used for news production and manufacturing processes. A Tribune spokesperson said the malware “impacted some back-office systems, which are primarily used to publish and produce newspapers across our properties.”
The Los Angeles Times reported that the cyber attack is believed to have “originated from outside the United States, but officials said it was too soon to say whether it was carried out by a foreign state or some other entity.”
And an unnamed source claimed, “The attack was to disable infrastructure, more specifically servers, as opposed to looking to steal information.”
Print subscribers of affected newspapers ultimately received trimmed down versions that were delivered late — a full day in some cases — slimmed-down Saturday versions without paid classified ads or death notices were received on Sunday.
Print editions of the following Tribune Publishing newspapers were impacted by the cyber attack: the Chicago Tribune, the Baltimore Sun, the Orlando Sentinel, the New York Daily News, Lake County News-Sun, Post-Tribune, Hartford Courant, Capital Gazette, The Morning Call, the Daily Press, the Virginian-Pilot, and Carroll County Times.
The Los Angeles Times and San Diego Union Tribune, which were formerly part of Tribune Publishing newspapers, were also slammed by the ransomware.
Original report can be found on CSO.
New Security Report Highlights Trends in Mid-Market Business MalwareJanuary 2, 2020
2020 Cybersecurity Trends to WatchDecember 31, 2019
The Internet: Looking Back and Forward 50 YearsNovember 18, 2019
Alarm in Texas as 23 towns hit by ‘coordinated’ ransomware attackAugust 19, 2019
AT&T employees took bribes to plant malware on the company’s networkAugust 8, 2019