A ransomware attack is likely the cause of the recent downtime for TV stations owned by the Sinclair Broadcast Group broadcast television company.
TV stations owned by the Sinclair Broadcast Group went down over the weekend officially due to technical issues, but some media [1,2] reported that it was a victim of a ransomware attack.
The alleged attack compromised the Sinclair internal corporate network, the broadcasting systems of TV stations, email servers, and phone services were impacted.
Still dealing with technical difficulties at @CBS6Albany …. Our 11pm newscast (which is starting late after football) will be unconventional. We’re working with handwritten notes, and it’s going to be a bit more conversational. Tune in, and thanks for bearing with us! 😀🙏🏼 pic.twitter.com/D620UCD72F
— Leanne DeRosa (@LeanneDeRosa7) October 18, 2021
We are learning this is a corporate wide problem. We are standing by as we wait to get on the air. https://t.co/aYaSa3VJLU
— Kristin Bien (@KristinBienWSBT) October 17, 2021
Sinclair Broadcast Group is a Fortune 500 media company, the group is a publicly-traded American telecommunications conglomerate having annual revenues of $5.9 billion in 2020.
The company is the second-largest television station operator in the United States by number of stations, it owns or operates a total of 193 stations across the country in over 100 markets (covering 40% of American households). The company operates many stations affiliated with Fox, ABC, and The CW.
Sources have told BleepingComputer that ransomware operators shut down Active Directory services for the domain, paralyzing the services at the company and its affiliates.
According to TheRecord media, the attack did not impact “the master control” of the Sinclair broadcast system that allows the TV stations to replace the scheduled local programming on the affected channels with a national feed
In July, the company suffered another security incident, in response to the security breach it forced all Sinclair stations to reset their passwords.
Recently, the American media conglomerate Cox Media Group (CMG) announced it was hit by a ransomware attack that caused the interruption of the live TV and radio broadcast streams in June 2021. The company notified via mail hundreds of individuals that were impacted by the security breach and that that have had their personal data exposed in the attack.
Follow me on Twitter: @securityaffairs and Facebook
Pierluigi Paganini
International Editor-in-Chief
Cyber Defense Magazine