Cox Media Group appeared to be struggling with a ransomware attack on Thursday after many of its live streams went down.
Sources within the company told cyber security news site The Record that they had been ordered to shut down all of their computers to stop the problem from spreading. Live streams from the company's TV and radio stations also went down as the company reportedly had to suspend some live programming.
Some employee tweets yesterday apologizing for feeds being down were unavailable today. However, a tweet from streaming TV operation Hulu reporting issues with feeds from Cox-owned properties was still viewable this morning.
Cox is a large US media conglomerate, comprising 54 radio stations in 10 markets and 33 TV stations in 20 markets. It also operates the conservative news site rare.us, which appears to be unaffected.
Live feeds still appeared to be down on some Cox-owned radio sites, including WHIO 1290 this morning.
Sources reportedly described the incident as a ransomware attack to The Record. The cyber event comes on the heels of unrelated attacks on large meat producer JBS and the Colonial Pipeline. The latter disrupted gasoline supplies in some parts of the US.
RELATED RESOURCE
The US has recently increased its ransomware attacks scrutiny as they begin to pose a more visible national security threat.
On Thursday, National Security Council official Anne Neuberger, the deputy national security advisor for cyber and emerging technology, sent an open letter to US businesses urging them to be more resilient after the JBS and Colonial attacks. The letter laid out a series of protective steps, including backing up data, segmenting their networks, and maintaining an incident response plan.
The Department of Justice also sent internal guidance yesterday elevating ransomware attack investigations to a similar priority level as terrorism, reported Reuters.
-
Prolific ransomware operator added to Europe’s Most Wanted list as US dangles $10 million rewardNews The US Department of Justice is offering a reward of up to $10 million for information leading to the arrest of Volodymyr Viktorovych Tymoshchuk, an alleged ransomware criminal.
-
Jaguar Land Rover “did the right thing” shutting down systems to thwart cyber attackNews The attack on Jaguar Land Rover highlights the growing attractiveness of the automotive sector
-
Ransomware attack on IT supplier disrupts hundreds of Swedish municipalitiesNews The attack on IT systems supplier Miljödata has impacted public sector services across the country
-
A notorious hacker group is ramping up cloud-based ransomware attacksNews The Storm-0501 threat group is refining its tactics, according to Microsoft, shifting away from traditional endpoint-based attacks and toward cloud-based ransomware.
-
Security researchers have just identified what could be the first ‘AI-powered’ ransomware strain – and it uses OpenAI’s gpt-oss-20b modelNews Using OpenAI's gpt-oss:20b model, ‘PromptLock’ generates malicious Lua scripts via the Ollama API.
-
Data I/O shuts down systems in wake of ransomware attack
News Regulatory filings by Data I/O suggest the costs of dealing with the attack could be significant
-
Average ransom payment doubles in a single quarterNews Targeted social engineering and data exfiltration have become the biggest tactics as three major ransomware groups dominate
-
BlackSuit ransomware gang taken down in latest law enforcement sting – but members have already formed a new groupNews The notorious gang has seen its servers taken down and bitcoin seized, but may have morphed into a new group called Chaos
