Incident Of The Week: Cyber Attack Takes Weather Channel Offline

On Thursday, April 18, 2019, The Weather Channel live broadcast went offline for about an hour according to The Wall Street Journal, which the company later confirmed in a Twitter statement was due to a ‘malicious software attack.’ The FBI is now investigating the ransomware attack that shut down the Weather Channel’s live program, which forced the cable channel to resort to a taped program.

See Related: “Inside The Life Of Former FBI Agent’s International Cyber Security Stings”

“Backups were used to restore affected computers and live transmission soon returned, allowing the channel to resume its program. While the transmission stopped, viewers took to Twitter to find out what happened,” reported Security Boulevard.

“We experienced issues with this morning’s live broadcast following a malicious software attack on the network,” reads the Twitter statement. “We were able to restore live programming quickly through backup mechanisms. Federal law enforcement is actively investigating the issue. We apologize for any inconvenience to viewers as we work to resolve the matter.”

According to The Wall Street Journal, the FBI confirmed a ransomware attack hit the network, but offered no details on how the hackers got inside the computer system or whether ransom was demanded.

Ransomware Attacks

Ransomware attacks are often spread through email attachments or malicious links in emails, designed to make a computer system inaccessible, with hackers demanding a ransom payment in order to get your data back. They are growing in complexity and becoming more common making most networks vulnerable to this type of attack. So far, large banks, corporations, hotels, educational institutions, hospitals, healthcare facilities and even local governments have been targeted by hackers looking to extort money.

See Related: “The Economic Side Of Cyber Security Risk Management”

In one of the most devastating examples, a strain of ransomware called WannaCry, believed to have been developed by North Korea, was released worldwide in 2017. The worldwide ransomware attack hit 200,000 computers in 150 countries.

What Can You Do If You Fall Victim?

Jason Glassberg, the cofounder of the security firm Casaba Security, told Business Insider what to do if you accidently fall victim to a ransomware attack:  

1. Alert law enforcement. While they might not be able to help you much, they should still be made aware of the crime.
2. Turn off your infected computer and disconnect it from the network it is on. An infected computer can potentially take down other computers sharing the same network.
3. Back up the data on a separate hard drive so you can at least recover the data you lost from the point of the last backup. While the malicious software itself can be removed, getting your data back is a whole different story.

Finally, you have to decide whether or not you are going to pay the ransom, which is a highly debated topic. "We have seen many scenarios where even if the user pays, they don't get the recovery keys. So it's one of the reasons we tell our customers that paying the ransom is not the best course of action," says Steve Grobman, the chief technology officer of Intel's Security Group.

"For starters, paying the ransom may not result in you getting your keys back. And you are also providing additional incentives for the criminal element to continue to build ransomware and make it more effective and help it become an even bigger problem in the future."

See Related: "Incident Of The Week" Articles