Last weekend, Sinclair Broadcast Group found itself the victim of a ransomware attack, and two anonymous sources claim Russian group Evil Corp. was behind it (via Bloomberg).
Evil Corp Ransomware Attack
Evil Corp., sanctioned by the U.S. Treasury Department in 2019, used malware known as Macaw, which is a variant of the WastedLocker ransomware.
Sinclair issued a statement on October 18, saying:
On October 17, 2021, the Company identified that certain servers and workstations in its environment were encrypted with ransomware, and that certain office and operational networks were disrupted. Data also was taken from the Company’s network. The Company is working to determine what information the data contained and will take other actions as appropriate based on its review.
Promptly upon detection of the security event, senior management was notified, and the Company implemented its incident response plan, took measures to contain the incident, and launched an investigation.
The attack took down Sinclair’s internal network, email services, phone services and the broadcasting systems of local TV stations. Sinclair owns, operates and provides services to 185 television stations in 86 markets.