Cox Media Group 2020

It’s been a week since Cox Media Group (CMG) was hit with a reported cyber-attack that affected internal networks and other operations. Now CNN reports the breach is being investigated by federal law enforcement. CMG radio station streams were still down this morning.

Access to CMG’s digital video library is unavailable, CNN says, as are weather computers at two of the company’s TV stations. Some employees say they have not yet recovered email and staff are being asked not to open email via their smart phones. One station encountered new issues on Wednesday, including the failing of phone lines and broadcast software.

The company has yet to address the issue or comment publicly. CMG’s media relations team has not responded to multiple email requests from Inside Radio.

Cybersecurity experts say the situation appears to be the result of a ransomware attack.

“An ‘IT incident’ that spans multiple organizations in a company is almost always a ransomware attack,” Allan Liska, an analyst at the cybersecurity company Recorded Future, told NBC News.

Media companies have been an enticing target for hackers trying to get past digital firewalls and set off ransomware attacks that hold company computers hostage until money is paid – or the attack can be fended off.

Salem Media Group disclosed last August that a ransomware attack had infiltrated some of its operational and information technology systems. A 2019 attack on Urban One cost the company more than $1 million. And Entercom (now Audacy) was attacked in September 2019 when hackers broke into its email servers and demanded $500,000 in ransom. That malware attack temporarily disrupted business operations but did not have a big impact on operating results. Even so, Entercom told its investors in its annual report that “there can be no assurance of a similar result in the future” adding, “cybersecurity breaches may increase our costs and cause losses.”