CHAMPAIGN — A malware attack on the servers of the Illini Media Company has left the student-run Daily Illini unable to publish its print edition Thursday and compromised employee information, the newspaper reported Wednesday.
“As you can imagine, we are in emergency mode over here,” co-publisher Kit Donahue said in a text message Wednesday afternoon between back-to-back meetings. “I can tell you that it was a ransomware attack and it happened (Tuesday) morning. Online coverage is not a problem and our radio station, WPGU, is still able to broadcast.
“We are working with our tech team and local law enforcement, but because this is an ongoing criminal investigation, we don’t have a lot of information we are able to share at this point,” Donahue said.
Illini Media Company is the parent company of The Daily Illini, WPGU-FM and the Illio yearbook. It’s located at 1001 S. Wright St., C.
The newspaper has a daily online presence but for about the last five years has published a print edition only twice a week. It announced the malware attack Tuesday on social media, saying that print editions beyond Thursday could be affected as well.
The paper also reported that the attack was the second on the company’s servers this year and “much larger” than the first in early January, when the paper was online only.
“Just pure shock,” Chris Harlan, interim chair of Illini Media’s board, said of their reaction to the attack.
A banker whose full-time job is CEO of the UI Community Credit Union, Harlan has had a bank-robbery holdup metaphor going through his head since learning of the ransomware attack. He confirmed that Illini Media is working with the FBI.
With several people from the UI on the Illini Media board, Harlan said they are getting good advice and trying to come to an agreement with a consultant to resolve the crisis.
“I went and looked at the report done of the public health district, and it’s oddly very similar,” Harlan said.
He was referring to a hack on the Champaign-Urbana Public Health District’s server in early March, which took some services offline for as long as a week.
In late April, Parkland College was similarly victimized.
Both Parkland and the health district had insurance that covered most of the nearly $1 million combined cost to rectify their situations.
Parkland’s premium for a year’s worth of that insurance coverage was $27,706, spokesperson Stephanie Stuart said.
Both those agencies worked with the FBI because there is not a lot that local law enforcement can do to investigate, said Urbana police Sgt. Tim McNaught, who has specialized in computer forensic work for a little over a decade.
“We could do a network investigation to figure out if it came in through an email or where it came from. The problem is, it’s hard to trace,” said McNaught, who’s never personally investigated a network malware crime. “It’s possible but difficult because these guys are good at hiding themselves. Oftentimes, they’re not even in the U.S. They are overseas somewhere.”
For just over 10 years, McNaught has been the only investigator in his department with the expertise to do computer forensics. The training and the work are time-consuming, and not all local officers have the disposition or willingness to do such tedious investigatory work, especially for child-exploitation crimes, he noted.
Two agents from the “cyber squad” at the FBI’s Springfield office agreed to speak generally about the investigation of cyberattacks but declined to be identified.
“We usually come in while the attack is occurring,” said one, a computer scientist.
In a ransomware attack, a virus encrypts all the data on the machine it infects, and hackers then demand a ransom in exchange for unlocking it. Victims typically call for help the minute they get the ransom demand.
“We don’t do the negotiation. That portion is up to the victim. We do not encourage payment of the ransom,” said the FBI agent, who added that fellow agents have seen cases where the ransom was paid and the data released and cases where the hackers took the money but did not release the data.
Despite the lengthy and often costly process of trying to figure out where or how the breach happened, the agents said they have had success. Even if a victimized company resolved an attack without FBI help, the agency wants to hear from them.
“They may hold one piece of the puzzle the FBI needs,” said one of the agents.
The FBI is willing to consult with businesses or agencies in a proactive way about cyberattacks and encourages relationship building.
“If we see a type of attacker targeting an industry such as financial or health care, we may be able to give indicators ahead of time,” one of the agents said.
Just two weeks ago, the FBI’s National Cyber Investigative Joint Task Force published a fact sheet about ransomware that said the most common ways that cyber criminals infect victims’ machines are through email phishing campaigns and vulnerabilities in Remote Desktop Protocol and other widely used software programs.
To minimize the risk of ransomware attacks, the agency recommends:
- Backing up data daily, testing your backups and keeping those backups separate from your computer network. Instead of paying ransom, the victim can try to restore network data from the backups.
- Using multi-factor authentication.
- Updating and patching systems.
- Having up-to-date security solutions.
- Reviewing and practicing a response plan.
Following the attacks on Parkland and the health district last spring, both stressed that no personal information was leaked in either incident, but officials gave few details of what happened.
McNaught said it’s not uncommon for victims not to want to say much about such breaches because they basically amount to a hit on an agency’s reputation, even though they are victims.
For information on cyberattacks or to report an attack, call the FBI’s Springfield office at 217-522-9675. Complaints should also be reported online to the Internet Crime Complaint Center at ic3.gov/Home/Ransomware.
"pure" - Google News
February 18, 2021 at 09:08PM
https://ift.tt/3k2FHkk
Daily Illini cyberattack generates 'pure shock' | Courts-police-fire | news-gazette.com - Champaign/Urbana News-Gazette
"pure" - Google News
https://ift.tt/3d6cIXO
https://ift.tt/35ryK4M
Bagikan Berita Ini
0 Response to "Daily Illini cyberattack generates 'pure shock' | Courts-police-fire | news-gazette.com - Champaign/Urbana News-Gazette"
Post a Comment