A ransomware attack last weekend that affected the operations of a major broadcasting company that owns several Nebraska TV stations is the latest in what experts say is a sharp rise in such attacks.
Sinclair Broadcasting, which owns TV stations in the Omaha, Lincoln and Kearney-Hastings markets, was the victim of an attack in which "certain servers and workstations in its environment were encrypted with ransomware, and ... certain office and operational networks were disrupted," the company said in a statement.
Sinclair said data also was taken from its network, although it did not give any specifics, and said the attack "has caused — and may continue to cause — disruption to parts of the company’s business, including certain aspects of its provision of local advertisements by its local broadcast stations on behalf of its customers."
The ransomware attack on Sinclair comes on the heels of one a few weeks ago that targeted Lincoln's Sandhills Global. That attack crippled most operations of the information-processing company and rendered its online equipment auction sites inoperable for several days.
Sandhills has not publicly commented on the attack, which is one of many this year that have hurt businesses and organizations large and small.
Ransomware attacks are so named because they involve a criminal entity gaining access to a computer system, locking the user out of important files and then demanding a payment to restore access. Some ransomware attacks also involve theft of sensitive data and a threat to release it publicly unless a ransom is paid.
According to a U.S. Treasury Department report released last week, there was an estimated $590 million in suspicious activity linked to ransomware attacks in just the first six months of the year. For all of 2020, that amount was just $410 million.
"You are certainly seeing a huge increase in the number of attacks," said Doug Rausch, a Bellevue University assistant professor and cybersecurity expert.
Rausch said one of the reasons for that is the shift to more people working from home due to the coronavirus pandemic, which makes it harder for companies to follow tight cybersecurity protocols, especially if employees are using personal devices or unsecured wireless networks.
The best way to mitigate the risk is to have employees who work remotely only use company-issued devices and connect to a virtual private network or other secure system, he said.
Rausch said another reason ransomware attacks are increasing is that it's becoming cheaper and easier to do them, thanks to the commercialization of malware.
"The barrier for entry for criminal groups to employ ransomware has dropped considerably," he said.
And just like legitimate businesses, the criminal groups are looking for a return on their investment.
"They're looking for any company that may have the ability to pay a ransom," Rausch said.
And that doesn't have to be a huge amount, he said. For every attack on a large company such as JBS SA or Colonial Pipeline Co., there are just as many if not more on individuals and small mom-and-pop operations.
"It's fairly widespread and just a matter of who bites," Rausch said.
Reach the writer at 402-473-2647 or email@example.com.
On Twitter @LincolnBizBuzz.