Business Continuity Management / Disaster Recovery , Cybercrime , Fraud Management & Cybercrime

Today's Forecast: Cloudy With a Chance of Malware

Program on The Weather Channel Knocked Off Air by Malware for 90 Minutes
Today's Forecast: Cloudy With a Chance of Malware

For about 90 minutes Thursday morning, the broadcast of The Weather Channel's signature early show, "AMHQ," was shut down by what the company called "a malicious software attack."

See Also: The Healthcare CISO’s Guide to Medical IoT Security

The Weather Channel was forced to run pre-recorded programming from about 6 a.m. to 7:40 a.m. EDT, CNN reports. Afterward, the channel sent a tweet explaining what happened:

"We were able to restore live programming quickly through backup mechanisms," the tweet notes.

A spokesperson for the channel declined to elaborate on the details of the attack, including the type of malware. So it's not clear whether ransomware was involved.

Value of Backups

Over the last several years, security companies have emphasized using back-up and recovery systems as a way to restore networks after ransomware and other attacks, as The Weather Channel apparently did.

In a recent ransomware against a local government in Georgia, the target apparently did not have the proper back-up systems in place and ended up paying about $400,000 in ransom to recover encrypted data (see: Georgia County Pays $400,000 to Ransomware Attackers).

While not many details are known, the fact that the back-up and recovery systems worked was key to a fast recovery, says Joseph Carson, chief security scientist at Thycotic, a Washington-based security firm. He adds that other companies should take note if ransomware was used.

"It will be interesting to see if this attack is related to the most recent string of malicious malware impacting other global organizations such as the 'LockerGoga' that impacted Norsk Hydro several weeks ago causing more than over $40 million so far and still several systems are under manual control week following the incident," Carson says.

Broadcasters Targeted

Over the past several years, various television broadcasters have been faced with malware attacks that have forced them to go dark or interfered with the daily programming.

In 2017, for instance, an attack shut down French broadcaster TV5Monde. The attackers took advantage of the broadcaster's Active Directory system and created their own admin-level credentials that allowed them to gain access to routers, switchers and other parts of the internal network, according to news reports.


About the Author

Scott Ferguson

Scott Ferguson

Former Managing Editor, GovInfoSecurity, ISMG

Ferguson was the managing editor for the GovInfoSecurity.com media website at Information Security Media Group. Before joining ISMG, he was editor-in-chief at eWEEK and director of audience development for InformationWeek. He's also written and edited for Light Reading, Security Now, Enterprise Cloud News, TU-Automotive, Dice Insights and DevOps.com.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing govinfosecurity.com, you agree to our use of cookies.