WMNF

Another radio station has been dealt a blow by a ransomware attack. Nathan B. Stubblefield Foundation adult alternative WMNF (88.5) Tampa noticed that a computer in one of its studios was acting strangely, before a digital message was displayed: “Your files have been encrypted. Pay us, and you can have them back.”

The Tampa Bay Times reports that Interim GM Cindy Reichard discovered the hacked system June 18. The station did not pay the ransom, and instead reported the attack to the Florida Department of Law Enforcement. Reichard was unsure how much money the hackers demanded.

As the newspaper explains, ransomware attacks have become a common form of cyber-crime where hackers install malicious code, rendering a victim’s data useless until they pay for a digital key to decrypt it. The outlet is now stepping up cybersecurity.

“FDLE told us that a lot of times you pay and you still don’t get your data back anyway,” Reichard told the Times. In this instance, the hack did not impact such sensitive data as donor information, payroll or financial documents. However, it did infect a new AudioVault system where the station’s audio archives were stored, along with promos played between songs and other audio files. Archived episodes of the station’s news and public affairs programming may be lost permanently. The station has sent the affected server to a local data recovery company to see what, if anything, can be salvaged.

The Interim GM said that investigators told her the ransomware could have originated in Russia. “We don’t really know for sure, other than it came through the AudioVault,” she said. “It could have been sitting in a file for a long time and someone did something that triggered it. Or it could have come in with some music we downloaded.” She estimated the attack will cost WMNF $5,000, and possibly more, between data recovery work and upgrades to security.

Public radio stations have been targeted before, the newspaper points out. In 2017, San Francisco NPR station KQED was crippled for months by an attack that forced one of the nation’s largest public media companies to shut down its entire computer network to prevent the ransomware from spreading. An FBI guidance document says the U.S. government “does not encourage paying a ransom to criminal actors,” because it could “inadvertently encourage this criminal business model.”

Urban One also endured a particular egregious cyber-attack that temporarily crippled some of its IT systems and databases, preventing it from running commercials, exposing it to potential lawsuits from parties impacted by the breach—and ultimately costing the company at least $1 million.

That attack, as Inside Radio reported, occurred over several days in late February and early March. Once discovered, the company “took immediate action” and hired a cybersecurity firm to evaluate its systems. The attackers not only gained access to Urban One’s proprietary IT systems and databases, they then proceeded to encrypt them. “The attack caused some initial disruption to our ability to traffic radio advertising spots, which was quickly remediated,” the company said in a filing.

Urban One had to shell out $500,000 in expenses to respond to the incident, rebuild its back-office systems and upgrade hardware and software. It also had an impact on the company’s first quarter financial results. In addition to $500,000 in expenses, the company took a $500,000 to $800,000 hit from lost ad revenue due to the attack.