“On October 16, 2021, the Company identified and began to investigate and take action to contain a potential security incident. On October 17, 2021, the Company identified that some servers and workstations in its environment were encrypted with ransomware, and that some and operational networks were disrupted, ”the file said. “The data was also pulled from the company’s network. The company makes every effort to determine what information is in the data and will take further action, if necessary, based on its review. “
The company warned that while the incident is actively managed, “the event has caused – and may continue to cause – disruption in parts of the Company’s business, including certain aspects of its provision of local advertising by its local broadcast stations on behalf of its customers. The Company is working diligently to restore operations quickly and safely. “
Sinclair Broadcast Group says it cannot determine whether the event will have a material impact on business operations and that the investigation is ongoing.
It is not known who is behind the cyberattack or if Sinclair Broadcast Group paid the ransom.
The company responded to ABC News with a statement similar to the one on the SEC filing, and the Cybersecurity and Infrastructure Security Agency referred ABC News to Sinclair.
Two major ransomware incidents targeting critical infrastructure sectors in the United States have already occurred this year.
Meat vendor JBS, which fell victim to a ransomware attack over Memorial Day weekend, paid out $ 11 million in bitcoin to hackers who entered their system, the company said.
The FBI attributed the cyberattack to REvil and Sodinokibi, two criminal organizations believed to be based in Russia.
Colonial Pipeline, which carries roughly 45% of all fuel consumed on the East Coast, paid millions of dollars to cybercriminal group DarkSide following a ransomware attack in May that led the pipeline to briefly shut down operations. , according to court documents. The Justice Department announced that it had successfully seized some of the cryptocurrency that Colonial paid to hackers.
The Darkside criminal organization operates in Eastern Europe, and Russian intelligence services have been known to cooperate with Eastern European cybercriminals in the past.
FBI Director Christopher Wray and Homeland Security Secretary Alejandro Mayorkas both spoke about the cyber threat, including the dark web’s efforts to hack and sell people’s personal information, to a congressional panel in September.
Mayorkas noted that ransomware incidents were on the rise in 2020.
“Last year, victims paid around $ 350 million in ransoms, an increase of 311% from the previous year, with the average payment exceeding $ 300,000,” he said.
Wray said the FBI is investigating more than 100 ransomware incidents.
Agency Cybersecurity and Infrastructure Security Director Jenn Easterly called the ransomware problem an “epidemic” that will require international assistance and cooperation.
“If a highly dedicated and sophisticated state actor wants to own you, they will, but there are things people can do to keep themselves safe,” she explained.
The CISA director said more than 90% of successful cyber attacks occur because of a phishing email and urged companies to prepare for disruptions.
Mayorkas said it was difficult to locate and apprehend cybercriminals, but that DHS “is bringing additional and growing resources to this effort.”