Ransomware next target is your favorite radio stations and television channel companies

Cybersecurity services specialists reported a ransomware attack that temporarily affected the operations of the community radio station WMNF 88.5 – FM, based in Tampa, Florida.

According to statements by interim general manager Cindy Reichard, that nasty incident began sometime on June 18. The next day, one of the radio station’s programmers detected strange behavior on the computer of one of the studios.  

While trying to make a diagnosis, the station’s employees received a digital note that mentioned: “Your files have been encrypted. Pay the ransom and you’ll be able to recover them”. It is clearly a ransomware attack, mentioned experts in cybersecurity services. As noted before, this happens when an attacker installs malicious code to block access to the victim’s information or systems, demanding a payment in exchange for enabling access again.

After an emergency meeting, radio station officials decided not to pay the ransom and report the incident to the Florida Department of Justice. “The authorities assured us that sometimes ransomware victims send money to hackers and in the end they do not recover access to their systems”.

The main impact of the station occurred in the AudioVault system, which stores the audio files of the station, such as old programs, songs or pre-recorded promotional material, reported by experts in cybersecurity services. Therefore, some audio files stored on this system could be lost forever.

On the other hand, the station claims that its confidential files, such as bills, donators’ data or payroll records, were not compromised during the incident. However, security monitoring is still being implemented to prevent any further incidents.

The incident also interrupted the live broadcast of the station; for now, the radio station is broadcasting only music and recorded emissions, at least until the recovery process is complete; additional details, such as the malware variant used by hackers or the ransom amount are still unknown. According to experts from the International Institute of Cyber Security (IICS), the station sent the compromised server to a cybersecurity firm, where they will try to recover as many files as possible.