Security News > 2021 > October > Sinclair Confirms Ransomware Attack That Disrupted TV Stations

Sinclair Broadcast Group, which owns hundreds of local television stations across the U.S., confirmed Monday that it has suffered a ransomware attack.

Sinclair is "Actively managing" the fallout from the attack, it said, after implementing its incident-response plan.

Many of Sinclair's 294 television stations took to Twitter on Sunday to let viewers know that they were experiencing technical difficulties - preventing their ability to provide local programming like news and other broadcast content like in-market NFL games.

A source also told the Record that the stations are interconnected by a central Sinclair Active Directory, which allowed the cyberattackers to infiltrate seemingly disparate operations.

Sinclair didn't supply other details that would be of interest, such as which ransomware strain was used, how the ransomware infiltrated its network initially or a timeline for remediation.

"It should be noted that even though threat actors deployed ransomware just a few days ago, with many ransomware attacks these days, the initial access that precipitated the attack generally occurs weeks, if not months, ahead of time," said Crane Hassold, director of threat intelligence at Abnormal Security, via email.

News URL

https://threatpost.com/sinclair-ransomware-tv-stations/175548/