Sinclair TV stations disrupted across the US after ransomware attack

Sinclair formally confirmed the ransomware attack a day after this initial report in SEC documents. Original reporting below.

TV broadcasts for Sinclair-owned channels have gone down today across the US in what the stations have described as technical issues, but which multiple sources told The Record to be a ransomware attack.

The incident occurred in the early hours of the day and took down the Sinclair internal corporate network, email servers, phone services, and the broadcasting systems of local TV stations.

As a result of the attack, many channels weren’t able to broadcast morning shows, news segments, and scheduled NFL games, according to a barrage of tweets coming from viewers and the TV channels themselves.

Image: The Record

“Internally, it’s bad,” a source who had to call Sinclair employees on their personal numbers to get more details about the attack, told The Record earlier today in a private conversation.

The attack could have been isolated, but many sections of the Sinclair IT network were interconnected through the same Active Directory domain, allowing the attackers to reach broadcasting systems for local TV stations.

However, the attack did not reach the part of the Sinclair broadcast system called “the master control,” which allowed the company to replace the scheduled local programming on the affected channels with a national feed, allowing some channels to at least remain on the air.

Image: The Record

The incident comes after Sinclair performed a company-wide password reset for IT resources shared by local stations in July after what it described as a “potentially serious network security issue.”

At the time of writing, it is unclear how many Sinclair TV stations have been impacted. A Sinclair spokesperson could not be contacted via email or phone as these systems were down because of the attack.

The Sinclair Broadcast Group is one of the largest media empires in the US, controlling 294 television stations in 89 markets across the US. The Record found tens of Sinclair stations, from Washington to Maryland and from Illinois to Texas, which announced technical issues today.

Signs of the major outage that is still underway can also be seen via the Hulu Support Twitter account, which has spent most of the day responding to issues caused by the Sinclair incident.

Ransomware attacks that hit major TV and radio stations and took down live broadcasts also are not that rare and have happened before. Past incidents include:

The attack is expected to hit Sinclair very hard as the local stations will be losing advertising revenue until they regain control over their broadcasting systems.

Article updated on October 18, 8am with link to SEC filing.

Catalin Cimpanu

Catalin Cimpanu is a cybersecurity reporter for The Record. He previously worked at ZDNet and Bleeping Computer, where he became a well-known name in the industry for his constant scoops on new vulnerabilities, cyberattacks, and law enforcement actions against hackers.

Recent Posts

Four indicted after hacking US businesses, filing false tax returns

Four men based in the United Kingdom and Sweden have been indicted on several charges…

4 hours ago

Data-wiping malware hits Russian courts, city halls

A new malware that masquerades as ransomware but wipes data from infected devices instead of…

7 hours ago

Three vulnerabilities found in popular baseboard software

Three vulnerabilities have been found in a popular brand of baseboard software used by many…

7 hours ago

France’s top cybersecurity official to leave post

Guillaume Poupard, the director of France’s national cybersecurity agency, confirmed he is leaving his role…

8 hours ago

French hospital complex suspends operations, transfers patients after ransomware attack

A hospital complex in France has suspended medical operations and transferred six patients following a…

8 hours ago

‘The world should be prepared’ — Microsoft issues warning about Russian cyberattacks over winter

Microsoft has warned that “the world should be prepared for several lines of potential Russian…

9 hours ago