• Get involved.
    We want your input!
    Apply for Membership and join the conversations about everything related to broadcasting.

    After we receive your registration, a moderator will review it. After your registration is approved, you will be permitted to post.
    If you use a disposable or false email address, your registration will be rejected.

    After your membership is approved, please take a minute to tell us a little bit about yourself.
    https://www.radiodiscussions.com/forums/introduce-yourself.1088/

    Thanks in advance and have fun!
    RadioDiscussions Administrators

Cox hit by ransomware attack

A

AMFMTV

WSB had to dump out of the last hour of Atlanta's morning news around 830 and pitch to the EVH and Co. because of this. Mark McKay, in for Slade, said they were having technical difficulties and tossed it to the CBS top of the hour cast at 8 AM.

Not sure what it sounds like locally over the air today, as I'm on the road, but none of the live stream links are working online.

www.ftvlive.com

BREAKING! Cox Station Targeted in Ransomware Attack — FTVLive

BREAKING NEWS! Cox stations dealing with multiple computer issues after getting hacks….
www.ftvlive.com www.ftvlive.com
 
My thoughts go out to their engineering staff, as I'm sure an attack like this can be a real bear to deal with and may take several hours or for some specific equipment, maybe days to work through depending on the bug, what systems were networked and affected, etc. Regarding the on-air product, imagine that..They'll need to do live reads, no voice tracks, possibly possibly play music from a source other than an automation computer, etc. Hopefully they have viable backups of all programming and audio files.

This just goes to show how quickly and easily something like this can happen, regardless how well a corporation thinks they're protected. While there are definitely a lot of benefits to networked equipment and studios, one really needs to consider if those really need to be on systems with constant connectivity to the web. If so, just having strong passwords and software protections isn't enough. One also needs to determine if EVERYTHING in their facility(s) really needs to be networked, if all equipment is fully and properly backed up on a regular basis, if there's a system of redundancy that operators can quickly switch to if need be, etc.
 
Last edited:
The media company I work for here in Australia was attacked back in March, taking out a lot of our back-end operations, and disabling the main playout system in our national TV operations. On the radio side, we spent almost a month manually building ad logs for 9 radio stations, until we devised a workaround. It was hell. So I know how the staff feel. TV was affected a lot worse
 
Here's an article with at least several stations listed. In another article I read yesterday about both radio and TV stations that were affected, it mentioned a handful of TV stations, including WPXI in Pittsburgh.

radioink.com

Report: Cox Hit With Ransomware Attack - Radio Ink

Saving Country Music is reporting that 8 Cox country radio stations were affected by a potential ransomware attack on Thursday. The stations were still on the air, but, according to the report, the live feeds to the station websites were down.
radioink.com radioink.com
 
The cyberthieves have done this country a great favor. If a group of individuals can inflict this much damage, think what a government that really wanted to harm the USA could do. My own personal question is why are critical systems exposed to the internet? Just a few organizations that functioned fine without computers:



The Colonial Pipeline went into service around 1965 thirty years before Windows 95. There were pipelines delivering fuel during World War 2 without computers.



Swift (JBS) has shipped beef since 1877.



This nation has been blessed with safe municipal drinking water for decades (with a few notable exceptions). The following link should give you some thoughts when you brush your teeth every morning.



America’s Drinking Water Is Surprisingly Easy to Poison



I understand the accounting and billing cost advantages of computers, but does EVERYTHING have to be connect to the internet? Would not a few common sense steps save use all some grief?

IMHO having a way to limit or access to proxy servers or at least make it an “opt in” to questionable proxy servers by internet service providers. Turn off or disconnect from the network unused computers. Utilities and critical services (if they have to be on the internet) should communicate “trusted” address only.

I personally pay for internet security instead of using “free” versions.
 
BarryATL said:
Where is the cart rack when you need it? :)
Click to expand...
I wonder how many remember what a "SP/AT" is?
(Slide Projector with Audio Tape....the day's spots were all on one 30 minute FideliPac cart. The slides came from the Film Chain.)
 
Just wait for 5G and the IOT.
They'll be hacking your kitchen appliances, cranking the HVAC to max heat, and spooling off all your TP into the toilet.
That's just for fun. Think what they can do for ransom.
 
secondchoice said:
I understand the accounting and billing cost advantages of computers, but does EVERYTHING have to be connect to the internet?
Click to expand...

That's a good question. For us, we back up everything on a computer and drive that is NOT connected to the internet or anything. We originally set that up when a drive crashed, but right now it looks like a good plan for ransomware.
 
Can ransomware from your computer go to the Cloud too? I wonder if someone will ransom a cloud provider? I have never knowingly used a cloud based service.

At work we use a different flash every day to back up client's accounts kind of like Big A's deal. They have 20 days of drives. They also have an archive service. Thankfully never had to use them.
 
I once had a conversation with someone at Iron Mountain, the big data storage company. He told me that no single data storage system is completely foolproof. It's all about backups and duplication. So the professionals recommend secure backups.
 
kenglish said:
Just wait for 5G and the IOT.
They'll be hacking your kitchen appliances, cranking the HVAC to max heat, and spooling off all your TP into the toilet.
That's just for fun. Think what they can do for ransom.
Click to expand...
I read an article a few years ago when "connected homes" and "the internet of things" really started to take off - All the stuff in our homes that can be connected to the internet and accessed remotely for our convenience - thermostats, refrigerators and ovens, lighting, entertainment systems, smart speakers, doorbells with embedded cameras, security systems and motion sensors and the list goes on. A writer for one of the better known techy blogs set up his connected home devices in a way where he was able to track which of them tried to connect to the internet, how often, and what kinds of data they may be supplying to whomever - the manufacturers of the equipment, companies who may be interested in mining data about your daily habits, preferences and lifestyle, etc. He was surprised how often some of these devices that serve a somewhat simple task tried to connect and push data.

In another article, another techy decided to connect his devices right out of the box without doing anything special or enacting any enhanced security measures or changing any of the default settings, passwords, addresses, etc. While this was a number of years ago and I'd hope more modern devices are better enabled to protect against malware and the like, he said he connected a few of the devices, and literally within minutes someone was trying to push spyware or malware onto one of them in particular. A few years ago, there were cases of hackers breaching people's baby monitor and home camera systems, seemingly just for fun or out of boredom than anything else. In one particular instance, a parent thought they heard an odd voice coming from their child's room and they went in to find some stranger talking to their kid and encouraging them to break things and trash their room. Connected homes can offer a lot of conveniences, and for those who like "toys" they can be fun to have, but like most anything else, especially when the internet and certain technologies are concerned, there are evildoers out there and people who are interested in using some of this stuff in more sinister ways.
 
Last edited:
WCDukenfield said:
So, the hackers stole secrets about how to destroy a great radio station?
Click to expand...

No. Ransomware definition: malware planted illegally in a computer or mobile device that disables its operation or access to its data until the owner or operator pays to regain control or access.
 
You should have multiple backups, because each has its own weaknesses. I have four:

1) A continuous backup to the cloud--supposedly not vulnerable to ransomware, but who knows? Definitely at the mercy of the cloud provider and how sophisticated their malware detection and versioning control is (does it store previous versions of files from before the ransomware attack?). And restoring a backup from the cloud even over broadband takes a long time.
2) A continuous backup to an external hard drive--very convenient and current, but vulnerable to ransomware, failure, or casualty.
3) An air-gapped local backup that is only connected when performing a backup. Immune to ransomware, but is only as good as the last time it was backed up. Also vulnerable to failure or casualty.
4) Another air-gapped backup that is stored offsite. Immune to ransomware but still vulnerable to failure or casualty, but the chance of it failing the same time as #3 is nil.
 
kenglish said:
Just wait for 5G and the IOT.
They'll be hacking your kitchen appliances, cranking the HVAC to max heat, and spooling off all your TP into the toilet.
That's just for fun. Think what they can do for ransom.
Click to expand...
Several years back, hackers presenting at a conference proved they could remotely take the transmission out of gear, among other things, on a Jeep vehicle with an LTE connection.

www.wired.com

Hackers Remotely Kill a Jeep on the Highway—With Me in It

I was driving 70 mph on the edge of downtown St. Louis when the exploit began to take hold.
www.wired.com www.wired.com

I agree that putting everything on the Internet seems unwise. There's not much benefit to having your thermostat or coffee pot online.
 
Update: The web streams are still down, the correct DJ's are being ID during their shows, but the "Last Song Played" still has not changed since 6:50am Eastern yesterday on all the Cox Radio Sites
 
PTBoardOp94 said:
Several years back, hackers presenting at a conference proved they could remotely take the transmission out of gear, among other things, on a Jeep vehicle with an LTE connection.
Click to expand...
A few years ago, a "computer security expert" claimed to be able to connect his laptop via the plane's entertainment system and take control of the engines and other stuff on 2 Boeing and 1 Airbus plane. In one case he claimed to briefly move the plane sideways by controlling one of the engines.

www.independent.co.uk

Meet the man who hacked into a plane and made it fly sideways

Chris Roberts of One World Labs in Denver was flying on the plane at the time it turned sideways, according to an FBI search warrant filed in April
www.independent.co.uk www.independent.co.uk
 
Status
This thread has been closed due to inactivity. You can create a new thread to discuss this topic.


Back
Top Bottom