Company with 235 radio stations infected with ransomware again. Why companies let this happen?

Over the last few hours a series of reports about a company that has become victim of a cyberattack have seized the attention of the cybersecurity community. Apparently the company affected is Entercom, a popular broadcaster in the state of Pennsylvania, US; founded more than 50 years ago, Entercom has 235 radio stations worldwide.

Last September Entercom had already been the victim of a cybersecurity incident, when a group of hackers infected the company’s servers with a ransomware variant, demanding more than $500k USD in exchange for restoring access to the compromised resources.

Apparently this time it is also a ransomware attack, detected during this week. According to early reports, the infection could have compromised the operation of multiple areas of the company, including back-office operations. Due to the affectations, the broadcaster has had to use pre-recorded radio shows.

Entercom has not revealed further details about the attack, although they acknowledge that their systems have collapsed due to the incident. A couple of days later, and with the help of a cybersecurity firm, Entercom restored the affected systems; however, various areas of the company keep experiencing some failures, such as in email service, access to some databases and support of digital platforms.

According to a representative of the company, after the last September cyberattack the company increased its cybersecurity budget, implementing multiple improvements that have allowed it to better deal with this new attack, so the recovery time and expenses were significantly reduced.

This new incident is just a further sample of the thousands of similar attacks targeting companies of any size across all industrial, service and public organization sectors.

Another massive ransomware incident was recently reported to affect the operations of a major insurance company based in Canada, which suffered the shutdown of its 245 computer systems. According to a report by the International Institute of Cyber Security (IICS), more than 60 terabytes of information were encrypted due to this attack; in exchange for re-establishing access, cybercriminals demanded more than $1 million USD in Bitcoin, which is the most commonly used payment method in ransomware infection cases.

Due to the characteristics of these attacks prevention is critical, so it is recommended not to browse unsafe websites or interact with suspicious-looking emails with unsolicited attachments, creating security backups to prevent data loss is also recommended.