Skip to main content

Too soon to attribute cyberattack that disrupted U.S. newspapers, researchers say

posted onJanuary 1, 2019
by l33tdawg
Austin Kleon
Credit: Austin Kleon

It’s too soon to tell whether North Korean hackers were responsible for a cyberattack that prevented multiple major U.S. newspapers from delivering weekend editions on time.

The attack last week against the Tribune Company disrupted printing operations at papers including the Los Angeles Times, the San Diego Union-Tribune, the New York Times and the Wall Street Journal. Several sources told the Los Angeles Times the attack appeared to be caused by Ryuk, a type of ransomware with low technical capabilities. Ryuk  has infected hundreds of computers at multiple companies, according to researchers from security vendor Check Point.

While Ryuk shares attributes with the Hermes malware, which is often attributed to suspected North Korean hackers known as the Lazarus Group, researchers say that doesn’t mean Pyongyang has launched a digital assault against U.S. press institutions. “The style of this attack fits the pattern of a lot of different groups at this point,” Robert M. Lee, CEO of the industrial cybersecurity company Dragos, told CyberScoop in an email. “This complicates the attribution claims of course and at this point any claims of attribution simply are too early.”

Source

Tags

Industry News

You May Also Like

Recent News

Friday, November 29th

Tuesday, November 19th

Friday, November 8th

Friday, November 1st

Tuesday, July 9th

Wednesday, July 3rd

Friday, June 28th

Thursday, June 27th

Thursday, June 13th

Wednesday, June 12th

Tuesday, June 11th