Cyberattack On CMG Isn’t An Anomaly

On June 3, criminals hit Cox Media Group with a cyberattack. According to several published sources, the attack impacted live streaming and some programming. Employees report they had to shut down email and computers; later, they were able to turn things back on and do their jobs. It sounds like CMG escaped what could have been a catastrophic attack.

This is not a surprise.

In the past week, Russian spies, terrorists and extortionists (let’s call them what they are) have attacked services essential to the American way of life. They went after Colonial Pipeline, creating gas shortages across parts of the country as Americans began their early summer travel. They attacked a meat-packing company just before a long weekend with impacts yet to be seen. They went after the federal government with the SolarWinds attack, accessing a massive trove of information. And those are just three of the most notable. The list goes on and on.

The truth is staring us in the face: While most cyberattacks are opportunistic and not targeted, foreign powers looking to create havoc are going after organizations important to Americans.

During the worst of the pandemic, ransomware extortionists went after our most important essential service: life-saving hospitals. Now that the pandemic is waning, the criminals are going after other essential organizations. And if there’s one thing that sets America apart, it’s our free press. We all know journalists are essential workers, which is why I’m sorry to predict the CMG attack is likely the beginning of future cyber assaults on journalism. Say what you will about cable networks, but local news remains the most trusted of news sources. And, in this latest attack, it’s the trusted local news that was the target.

TV station ownership groups, ever-growing, are looking for efficiencies. As a manager for multiple media groups, I was in plenty of conversations about whether we could cut back the number of IT professionals or the even more expensive and hard-to-hire cybersecurity professionals needed. With ad revenue facing headwinds in recent years and several ad verticals in sharp decline during the pandemic, it’s no wonder that station groups need to find places to cut.

Now is the time to build up defenses for cyberattacks, not weaken them. Now is the time to do disaster drills: how do you continue broadcasting, publishing, streaming during a major cyberattack? Now is the time to set up 24/7/365 detection and response for cyberattacks.

Journalists work around the clock, so should the folks defending against attacks.

Since leaving a newsroom three years ago to work in cybersecurity, I’ve learned some alarming things about cyber-gangs and nation states. I’ve feared for my former colleagues in TV stations across the country, increasingly dependent on computers and networks to deliver the news. I hope for all of them that my prediction of increased attacks is wrong because their uninterrupted journalism is essential. If I’m not wrong, now is the time for media owners to be vigilant and focus on cyber defense.

Jake Milstein is the chief marketing officer of Critical Insight, a cybersecurity company in Seattle. Previously, he was news director of KIRO Seattle and before that worked at WRC Washington; KCOY-KKFX Santa Barbara, Calif.; KNTV San Francisco; and Grass Valley.