A ransomware attack delayed printing of multiple newspapaers across the U.S., the attack appears to be initiated outside of the United States.
The threat actors infected the critical systems to the news production with Ryuk ransomware. One company insider said that infected computer files contain .ryk extension.
Ryuk Ransomware targets various enterprise network around the globe and encrypting various data in storage, personal computers, and data center.
The attack delays the distribution of the saturday editions of Los Angeles Times and San Diego Union Tribune. The ransomware infection spread through Tribune Publishing’s network.
“We believe the intention of the attack was to disable infrastructure, more specifically servers, as opposed to looking to steal information,” said the source Los Angeles Times.
The company suspected that the cyberattack originated outside of US, Tribune Publishing
Ryuk Ransomware might be another targetted campaign from Lazarus Group or malware author derived HERMES source code.
“We apologize to our customers for this inconvenience,” The Times said in a statement. “Thank you for your patience and support as we respond to this ongoing matter.”
The ransomware is a global problem it emerges as a lucrative revenue model for cybercriminals. Some ransomware’s also have worm-like capabilities which enable to spread across the network.