Cox Media Group 2020

Cox Media Group reportedly suffered from a ransomware attack Thursday morning that took radio and TV station streams offline. According to multiple reports, computers were hacked, impacting internal networks and other operations. While station websites and most programming remained intact, the incident caused some live programming to be scrubbed, according to reports, and some TV stations had to cancel newscasts.

A random check of multiple CMG radio stations by Inside Radio on Thursday found station sites remained accessible but online streams were offline with the message “audio temporarily unavailable.” In addition, “Last Songs Played” features were not updated since morning drive.

While most Cox radio station streams remained offline Friday afternoon, the company is making some progress in getting back online. Atlanta news/talk powerhouse WSB-WSBB (750/95.5) resumed live streaming Friday morning, both on its desktop player and on its dedicated mobile app.

“This morning we were told to shut down everything and log out our emails to ensure nothing spread,” a Cox employee shared in a private conversation Thursday, according to The Record by Recorded Future, which covers cybersecurity. “According to my friends at affiliate stations, we shut things down in time to be safe and should be back up and running soon,”

CMG did not respond to Inside Radio’s request for comment.

Media companies have been an enticing target for hackers trying to get past digital firewalls and set off ransomware attacks that hold company computers hostage until money is paid – or the attack can be fended off. Salem Media Group disclosed last August that a ransomware attack had infiltrated some of its operational and information technology systems. A 2019 attack on Urban One cost the company more than $1 million. And Entercom (now Audacy) was attacked in September 2019 when hackers broke into its email servers and demanded $500,000 in ransom. That malware attack temporarily disrupted business operations but did not have a big impact on operating results. Even so, Entercom told its investors in its annual report that “there can be no assurance of a similar result in the future” adding, “cybersecurity breaches may increase our costs and cause losses.”

On June 2, the White House published an open letter to U.S. corporate executives and business leaders urging them to take steps to protect their systems against ransomware attacks. The memo from Anne Neuberger, Deputy Assistant to the President and Deputy National Security Advisor for Cyber and Emerging Technology, contained five best practices to minimize the effect of such attacks.

  1. Backup your data, system images, and configurations, regularly test them, and keep the backups offline.
  2. Update and patch systems promptly.
  3. Test your incident response plan.
  4. Check Your Security Team’s Work.
  5. Segment your networks.