Cyber-Attack Disrupts Distribution of Multiple US Newspapers

upnorth

Several US newspapers suffered major printing and delivery disruptions on Saturday following a cyber-attack, US media report.

The attack led to delayed distribution of The Los Angeles Times, Chicago Tribune, Baltimore Sun and other titles belonging to Tribune Publishing. The company said it first detected the malware on Friday, which hit papers sharing the same printing plant. The attack is believed to have come from outside the US, the LA Times said. West Coast editions of the Wall Street Journal and The New York Times, which share the same production platform in Los Angeles, were also affected. "We believe the intention of the attack was to disable infrastructure, more specifically servers, as opposed to looking to steal information," an anonymous source with knowledge of the attack told the LA Times. Tribune Publishing spokeswoman Marisa Kollias confirmed this in a statement, saying the virus hurt back-office systems used to publish and produce "newspapers across our properties". "Every market across the company was impacted," Ms Kollias said, refusing to give more specifications on the disruptions, according to the LA Times.

It might be Ryuk that spreads but it's not yet officially confirmed.
 
ForgottenSeer 58943

Most corporations don't take precautions or cybersecurity seriously until something happens. They are very reactionary institutions and it can cost them millions and millions to recover from attacks. The fact is, we need regulations, audits and proper oversight. But don't expect much of anything to change in this country while relics from the rotary-dial phone era are in charge.

Also, the USA is WAY behind many other countries. For example, those little black credit card readers on devices are usually made by IDTech, and they are entirely plain-text without any security or encryption. A bad actor can load Notepad on an embedded system and capture all of the swipes with no effort at all. Most gas stations also use them... It's pathetic. Proper security is with OTI readers, encrypted at the head all of the way back to the processing agent, which can't be intercepted. Overseas, in most countries they use NAYAX and VPOS systems, encrypted end to end with mutating keys. It's actually illegal in most countries outside of the USA to use IDTech (or similar readers). Once again, the USA is way, way behind in that area as well.

All corporations over 150 people should have a cybersecurity department IMO. They should use properly locked-down standard user accounts in Windows. A good antivirus package, along with a strong email filtration package. Two-factor authentication on all intra-corporate applications and cloud apps. In addition, they should utilize geo-fenced logins so anyone not within the corporate subnet can't even log in to their applications/TFA. Quarterly external and internal pentesting and brute-force analysis should be performed.

This is the bare minimum for any mid-size or larger corporation to ensure security. If things don't change fast it's only a matter of time before all of this becomes unmanageable.
 
