https://www.channelfutures.com/wp-content/themes/channelfutures_child/assets/images/logo/footer-new-logo.png
  • Home
  • Technologies
    • Back
    • SDN/SD-WAN
    • Cloud
    • RMM/PSA
    • Security
    • Telephony/UC/Collaboration
    • Cable
    • Mobility & Wireless
    • Fiber/Ethernet
    • Data Centers
    • Backup & Disaster Recovery
    • IoT
    • Desktop
    • Artificial Intelligence
    • Analytics
  • Strategy
    • Back
    • Mergers and Acquisitions
    • Channel Research
    • Business Models
    • Distribution
    • Technology Solutions Brokerages
    • Sales & Marketing
    • Best Practices
    • Vertical Markets
    • Regulation & Compliance
  • MSP 501
    • Back
    • 2022 MSP 501 Rankings
    • 2022 NextGen 101 Rankings
  • Intelligence
    • Back
    • Galleries
    • Podcasts
    • From the Industry
    • Reports/Digital Issues
    • Webinars
    • White Papers
  • Channel Futures TV
  • EMEA
  • Channel Chatter
    • Back
    • People on the Move
    • New/Changing Channel Programs
    • New Products & Services
    • Industry Honors
  • Resources
    • Back
    • Advisory Boards
    • Industry Organizations
    • Our Sponsors
    • Advertise
    • 2023 Editorial Calendar
  • Awards
    • Back
    • 2022 MSP 501
    • Channel Influencers
    • Circle of Excellence
    • DE&I 101
    • Technology Advisor 101 (TA 101)
  • Events
    • Back
    • 2023 Call for Speakers
    • CP Conference & Expo
    • MSP Summit
    • Channel Partners Europe
    • Channel Partners Event Coverage
    • Webinars
    • Industry Events
  • About Us
  • DE&I
Channel Futures
  • NEWSLETTER
  • Home
  • Technologies
    • Back
    • SDN/SD-WAN
    • Cloud
    • RMM/PSA
    • Security
    • Telephony/UC/Collaboration
    • Cable
    • Mobility & Wireless
    • Fiber/Ethernet
    • Data Centers
    • Backup & Disaster Recovery
    • IoT
    • Desktop
    • Artificial Intelligence
    • Analytics
  • Strategy
    • Back
    • Mergers and Acquisitions
    • Channel Research
    • Business Models
    • Distribution
    • Technology Solutions Brokerages
    • Sales & Marketing
    • Best Practices
    • Vertical Markets
    • Regulation & Compliance
  • MSP 501
    • Back
    • 2022 MSP 501 Rankings
    • 2022 NextGen 101 Rankings
  • Intelligence
    • Back
    • Galleries
    • Podcasts
    • From the Industry
    • Reports/Digital Issues
    • Webinars
    • White Papers
  • Channel Futures TV
  • EMEA
  • Channel Chatter
    • Back
    • People on the Move
    • New/Changing Channel Programs
    • New Products & Services
    • Industry Honors
  • Resources
    • Back
    • Advisory Boards
    • Industry Organizations
    • Our Sponsors
    • Advertise
    • 2023 Editorial Calendar
  • Awards
    • Back
    • 2022 MSP 501
    • Channel Influencers
    • Circle of Excellence
    • DE&I 101
    • Technology Advisor 101 (TA 101)
  • Events
    • Back
    • 2023 Call for Speakers
    • CP Conference & Expo
    • MSP Summit
    • Channel Partners Europe
    • Channel Partners Event Coverage
    • Webinars
    • Industry Events
  • About Us
  • DE&I
    • Newsletter
  • REGISTER
  • MSPs
  • VARs / SIs
  • Agents
  • Cloud Service Providers
  • Channel Partners Events
 Channel Futures

Security


Shutterstock

On Air Sign

Sinclair Broadcast Hit with Ransomware Attack, Data Stolen from Network

  • Written by Edward Gately
  • October 18, 2021
The attack has caused and may continue to cause disruption to parts of Sinclair's business.

Sinclair Broadcast Group, the second-largest TV station operator in the United States, was hit with a ransomware attack this past weekend.

In the attack, servers and workstations in Sinclair’s environment were encrypted with ransomware, and office and operational networks were disrupted. The attackers also took data from the company’s network.

Sinclair says it’s working to determine what information the data contained. In addition, it will take other actions as appropriate based on its review.

Upon discovering the attack, Sinclair notified senior management and implemented its incident response plan. Moreover, it took measures to contain the incident and launched an investigation.

“Legal counsel, a cybersecurity forensic firm, and other incident response professionals were engaged,” it said. “The company also notified law enforcement and other governmental agencies. The forensic investigation remains ongoing.”

More Disruption Possible

The Sinclair ransomware attack has caused and may continue to cause disruption to parts of the company’s business. That could include an impact on local advertisements run by local broadcast stations.

“As the company is in the early stages of its investigation and assessment of the security event, the company cannot determine at this time whether or not such event will have a material impact on its business, operations or financial results,” it said.

Sinclair owns 185 television stations in 86 markets, according to its website.

Taking Advantage of Soft Targets

Ron Bradley is vice president of Shared Assessments. This is how he summed up the Sinclair ransomware attack: “Why hunt for moose when you have thousands of rabbits running around?”

Shared Assessments' Ron Bradley“The reality of Sinclair TV stations being disrupted is just another example of threat actors taking advantage of soft targets,” he said.

Generally speaking, hackers aren’t holding big banks hostage with ransomware attacks, Bradley said. That’s because they have taken precautions to secure their perimeters. They’ve minimized their blast radius and controlled internal lateral movement.

“The sad part of the story is, many small and medium size businesses (aka bunny rabbits) don’t have the wherewithal, both financially and technologically, to protect their assets,” he said. “It simply has not been part of their program. This is what makes them a soft target.”

Federal Response Likely

Sam Curry is Cybereason‘s chief security officer. He said if the hackers are identified, the U.S. government will likely respond if broadcasting networks are taken offline.

Cybereason's Sam Curry

Cybereason’s Sam Curry

“After all, we witnessed a swift and decisive response earlier this year after the Colonial Pipeline and JBS Foods ransomware attacks caused disruptions to gasoline deliveries on the East Coast and nationwide food disruptions,” he said. “If we have learned anything from the deluge of ransomware attacks in 2021, the public and private sector need to invest now to ratchet up prevention, detection and improve resilience.”

Garret Grajek is CEO of YouAttest, a cloud-based identity governance and administration (IGA) provider.

“Penetration of all our key systems, water, energy, transportation and media is a grave concern for western countries,” he said. “The fact that a major media outlet like Sinclair was affected shows how vulnerable even those with security resources are to cyberattacks.”

YouAttest's Garret Grajek

YouAttest’s Garret Grajek

Sinclair conducted a enterprise-wide password reset, Grajek said. That implies they may feel it was a compromised credential that caused the attack.

Least Privilege Needed

Enterprises need to go beyond just password resets and even two-factor authentication (2FA), and start understanding the scope and capabilities of all the identities in their enterprises, Grajek said.

Businesses must practice the principle of least privilege, he said. That limits access to resources that could be impacted in an attack, he said.

Hackers easily guess and steal user accounts, Grajek said. They then conduct lateral movement across the enterprise and privilege escalation to obtain access to valued resources.

Enterprises must know the rights granted and triggered when privileges are modified, he said.

Want to contact the author directly about this story? Have ideas for a follow-up article? Email Edward Gately or connect with him on LinkedIn.
Tags: MSPs VARs/SIs Best Practices Security Strategy Vertical Markets

Most Recent


  • Juniper Networks Madrid event 2023 Day 2
    Juniper Networks Shows ‘Swagger’ with Ambitious Growth Strategy
    Are we up for the challenge? You’re damn right we are," said Juniper CEO Rami Rahim.
  • Cloud raining money
    Cox Bolsters AWS, Azure Chops in Logicworks Buy
    Cox looks to combine Logicworks with RapidScale, which it acquired in 2018.
  • Revamping
    4 Signs You Need to Revamp Your Channel Partner Program
    Flexible partner programs are key to accommodate different business models, maximize opportunity and balance costs.
  • ThreatLocker Zero Trust World Day 2 2023 Feature
    Zero Trust World 2023: ThreatLocker Unleashes Ops Threat-Detection Tool
    ThreatLocker also will be rolling out a new portal.

Leave a comment Cancel reply

-or-

Log in with your Channel Futures account

Alternatively, post a comment by completing the form below:

Your email address will not be published. Required fields are marked *

Related Content

  • Email phishing compromise hacking
    Unit 42 Research: BEC Attacks Financial Nightmare for Organizations
  • IT asset disposal and security
    Getting Smart About IT Asset Disposal and Security
  • Four, 4
    4 Steps to Build an Agile Infrastructure
  • add
    Proofpoint: Partners to Benefit from Thoma Bravo Acquisition

Upcoming Events

View all

Channel Partners Conference & Expo

May 1, 2023 - May 4, 2023

Channel Partners Europe

June 13, 2023 - June 14, 2023

Channel Futures Leadership Summit

October 30, 2023 - November 2, 2023

Galleries

View all

Juniper Networks Shows ‘Swagger’ with Ambitious Growth Strategy

February 3, 2023

Zero Trust World 2023: ThreatLocker Unleashes Ops Threat-Detection Tool

February 2, 2023

Telecom-IT Layoff Tracker 2023: Cisco, RingCentral, Microsoft, 8×8, Sophos, More

February 2, 2023

Industry Perspectives

View all

How to Break Through the Growth Ceiling

February 1, 2023

5 Things to Look for in a UC Partner

January 31, 2023

The Benefits of Hiring an Investment Bank

January 30, 2023

Webinars

View all

Next-Generation MSP Platform: The Building Blocks for Your Business

February 15, 2023

How To Boost Your Business With White-Label UCaaS

February 28, 2023

Security Secrets of the MSP 501: How to Be a Cyber Leader in 2023

December 15, 2022
  • 1

White Papers

View all

6 UCaaS Reseller Challenges and How Real World Businesses Solved Them

February 1, 2023

Frost Radar: North American UCaaS Market, 2022

February 1, 2023

The Complete Guide to White-Label UCaaS for Reseller Success

February 1, 2023

Channel Futures TV

View all

Coffee with Craig and James Episode 117: Cato Networks, Video Killed the Podcast Stars

Retired Astronaut Capt. Scott Kelly Previews His CP Expo Keynote

December 21, 2022

Fusion Connect Eyes Future with Intrado UC, Managed Network Customers

September 23, 2022

RingCentral Focused on Hybrid Work, Microsoft Teams, Other Integrations

September 23, 2022

Twitter

ChannelFutures

Read about @coxbusiness' acquisition of @Logicworks. dlvr.it/Shty4t https://t.co/3MaKai6SVr

February 3, 2023
ChannelFutures

Where in the world are the top MSPs?? Take a look at the infographic breakdown of 2022 #MSP501 winners by region >>… twitter.com/i/web/status/1…

February 3, 2023
ChannelFutures

.@SovosCompliance offers tips for how and when to revamp #partnerplans. dlvr.it/ShtDgv https://t.co/vPzajXnjee

February 3, 2023
ChannelFutures

Day 2 of #ZTW: @ThreatLocker unveils new Ops threat detection tool. dlvr.it/Shs93Y https://t.co/dAnj6IUiF2

February 3, 2023
ChannelFutures

.@broadvoice appoints a channel vet as new program leader. Before joining the company, he had risen through the ran… twitter.com/i/web/status/1…

February 2, 2023
ChannelFutures

More activity over at @Pax8 (which just hired @RobTRae): the #cloud marketplace firm has purchased @BamBoomCloud.… twitter.com/i/web/status/1…

February 2, 2023
ChannelFutures

.@SamsungMobile launches #GalaxyS23 phones, new #GalaxyBook3Ultra at Samsung Unpacked. dlvr.it/ShrW8G https://t.co/DloltwdMsE

February 2, 2023
ChannelFutures

The new partnership between Channel Futures and @ITExchangeNet is poised to benefit the partner community.… twitter.com/i/web/status/1…

February 2, 2023

MSP 501

The industry's largest and most comprehensive partner awards program.

Newsletters and Updates

Sign up for The Channel Report, Channel Futures Update, MSP 501 Newsletter and more.

Live Channel Events

Get the latest information on the next industry-leading Channel Partners event.

Galleries

Educational slide shows and images from live events.

Media Kit And Advertising

Want to reach our audience? Access our media kit.

DISCOVER MORE FROM INFORMA TECH

  • Channel Partners Events
  • Telecoms.com
  • MSP 501
  • Black Hat
  • IoT World Today
  • Omdia

WORKING WITH US

  • Contact
  • About Us
  • Advertise
  • Newsletter

FOLLOW Channel Futures ON SOCIAL

  • Privacy
  • CCPA: “Do Not Sell My Data”
  • Cookie Policy
  • Terms
Copyright © 2023 Informa PLC. Informa PLC is registered in England and Wales with company number 8860726 whose registered and Head office is 5 Howick Place, London, SW1P 1WG.
This website uses cookies, including third party ones, to allow for analysis of how people use our website in order to improve your experience and our services. By continuing to use our website, you agree to the use of such cookies. Click here for more information on our Cookie Policy and Privacy Policy.
X