Unknown Hackers Launch Cyberattack Against Philadelphia Inquirer

by Wall Street Rebel - Michael London | 05/15/2023 10:28 AM

Organizations worldwide are growing increasingly alarmed about the threat Cyberattacts pose. Cybercriminals who are smart and located across the globe utilize computer system exploits to steal confidential information from a wide range of businesses, including newspapers, hospitals, and governments.

As a result of a cyberattack over the weekend, the Philadelphia Inquirer was unable to publish its Sunday edition for the first time in over twenty years.

Who may be behind the hacking or how much harm the anonymous hackers have done to the publication remains unclear. The FBI, which has not publicly disclosed the incident, is collaborating with the Inquirer.

Hackers' use of ransomware as a weapon to blackmail companies and institutions into paying ransoms for the release of their data is widespread. The most common kind of cyber attack involves unauthorized access to a computer system that houses sensitive information. Once inside, the hackers use encryption to ensure that the information is inaccessible to anybody except themselves. The perpetrators of a cyber assault will normally demand payment in the form of Bitcoin as a ransom once the attack has been made. If these requirements aren't satisfied, the hackers may make the information public or keep it encrypted indefinitely, as they've threatened to do.

Lisa Hughes, the publisher of The Inquirer, has announced that their news organization, which comprises daily digital content and newspaper circulation, was alerted by Cynet, the vendor responsible for managing their network security, about unusual activity on Thursday, May 11th.

According to the announcement, The Inquirer was published without any interruption on Thursday and Friday. However, the weekend staff faced an issue as they were unable to access the content management system.

Experience the ease of reading the Sunday newspaper through our digital e-edition, exclusively available in digital format.

Despite the challenging circumstances, the early edition of Sunday's newspaper was printed and delivered on schedule. This edition is typically produced on Fridays.

According to Hughes' statement, the team has decided to exercise caution by delaying the publication of classified ads and death notices until Wednesday, even though they are typically printed and delivered in Monday newspapers. As per the announcement on The Inquirer's website, the newsroom will not be accessible to employees until at least Tuesday due to ongoing disruptions.

On Sunday night, Hughes sent an internal email update stating that the company is currently investigating a co-working space for Tuesday. The aim of this action is to ensure that the reporters are well-prepared for the upcoming Municipal Primary election, which is scheduled to be held on May 16th.

Rest assured that Hughes explicitly stated in the email that the cyberattack would not impact your coverage.

As per Hughes' statement to The Inquirer, the perpetrator's identity and intentions remain unknown. The company has taken swift action by promptly notifying the FBI.

The extent of the cyberattack's success is currently unknown. It is unclear whether the attackers specifically targeted certain employees or obtained access to confidential information.

Hughes has announced that The Inquirer will inform and assist any employees or subscribers whose personal information may have been compromised during the attack. You can be confident that we will take all the necessary steps to guarantee their safety and security.

The investigation regarding unauthorized access to The Inquirer's systems is still ongoing, and the mystery remains unsolved.

This news organization lacks multi-factor authentication for accessing critical systems. Learn more about it here.

Improve your security by implementing multi-factor authentication. This crucial feature ensures that employees working on the company's software are provided with the utmost level of protection. To gain access to our software, users must provide a password and complete a secondary prompt. To proceed, you may need to answer a security question or input a code sent to you via email or text message.

According to Hughes, The Inquirer invested strategically in monitoring systems to improve digital security measures while its employees were working remotely due to the COVID pandemic.

Cynet, a business specializing in cyber security, is in charge of managing the network security at the news organization.

Following the cyberattack, The Inquirer enlisted the services of Kroll, a reputable firm specializing in corporate investigation and risk consulting, to conduct a thorough investigation.

Subscribe 100% Free to Wall Street Rebel.com and receive access to investment tools worth $17,500!

Experts have stated that cyberattacks pose a significant threat to companies, and news organizations can be especially valuable targets due to the nature of their work. Hackers may attempt to access reporters' notes and files or aim to embarrass a news organization by leaking emails or Slack messages. Some individuals may aim to spread false information by using legitimate news outlets to distribute or to cause chaos noticeably.

There is a growing level of fear among hundreds of companies throughout the world as a result of the growing frequency and severity of ransomware attacks. Threat actors in every region of the globe use security flaws in order to encrypt data belonging to a wide variety of institutions, including public and private healthcare facilities, enterprises, and governments.

Over 200,000 new strains of ransomware being discovered every single day, which translates to 140 new strains of ransomware being discovered every single minute that are able to avoid detection and cause catastrophic harm. Even if the victim pays the ransom that was asked, the ransomware operators will continue their attacks forever.

The fact that some businesses are willing to pay the ransom and keep quiet about the assault is what encourages the cybercriminals who use ransomware to become even more inventive in their operations and to demand payments totaling tens of millions of dollars. The common reason for this is because they are terrified of the terrible consequences that will be brought upon them socially.

Current Trends in Cybercrime

The André Mignot Hospital, located on the outskirts of Paris, had to shut down its phone and computer systems due to a ransomware attack. Due to certain circumstances, the hospital had to suspend its operations partially and is currently only accepting walk-ins and appointments. The medical facility has received a ransom demand, but they have stated that they do not plan to pay it.
The city of Antwerp, located in Belgium, is currently in the process of restoring its digital services after experiencing a ransomware attack on its digital provider. The disruption in services has had an impact on various aspects of society, including schools, daycare centers, and law enforcement agencies. At the time of writing, the identity of the threat actor has not been determined.
The cyberattack that targeted Bell Technical Solutions (BTS), an independent subsidiary of Bell Canada with 4,500 employees, was claimed by the RaaS group Hive. BTS specializes in providing Bell services across Ontario and Québec.
Cincinnati State Technical and Community College experienced a cyberattack that was claimed by the Vice Society ransomware gang. As a result, the stolen data was made available on the attacker's Tor data leak site.
In March 2023, CommScope, US telecommunications and IT infrastructure company, experienced a ransomware attack that compromised sensitive employee data. According to reports, the Vice Society ransomware group has stated that they have released the personal information of CommScope employees on their dark web leak site.
On November 6, 2022, a claim note was posted on the blog of Conoframa, a French furniture distributor, stating that they had been targeted by the BlackCat ransomware. The note claimed that over one terabyte of data had been stolen.
According to LockBit, they are responsible for the cyberattack on Continental, the German auto parts giant. The group is said to have stolen data from the company's systems and is now making threats to release it publicly unless Continental meets their demands.
The BlackCat ransomware gang has confirmed that they are responsible for the recent attack on Creos Luxembourg S.A. This company manages electricity networks and natural gas pipelines in the Grand Duchy of Luxembourg.
In August 2022, DESFA, a natural gas transmission system operator in Greece, disclosed that they experienced a cyberattack resulting in a limited-scope data breach and IT system outage. The group responsible for the attack, Ragnar Locker, claimed responsibility for the incident.
Dole Food Company, which is among the leading global providers of fresh produce, recently announced that it experienced a ransomware attack that caused disruptions to its operations. The food giant has taken measures to address the issue by enlisting the help of third-party experts to mitigate and protect the affected systems. Additionally, the incident has been reported to law enforcement.
Data from Ferrari's website was posted on a dark web leak site that is owned by the ransomware group RansomEXX. The hackers have claimed to have acquired nearly 7 GB of private information. This information is based on a report from reliable sources.
On October 14th, 2022, the German newspaper Heilbronner Stimme was targeted in a cyberattack. During that weekend, the printing systems of the publication were compromised, resulting in the unavailability of phone and email communication. Unknown threat actors encrypted all of the newspaper's systems as part of the ongoing attack.
The Hospital Clinic de Barcelona, one of the primary hospitals in the city, experienced a ransomware attack that severely impacted its computer system. As a result, 3,000 patient checkups and 150 non-urgent operations had to be canceled. The incident took place on Sunday, March 5th, 2023.
According to reports, Vice Society has reportedly posted data that was taken from IKEA stores in Morocco and Kuwait. The leak site snippets suggest that the gang was able to steal confidential business data and sensitive employee information.
In January, IObit experienced a hacking incident that resulted in a widespread attack aimed at spreading DeroHE ransomware to its forum members.
In February, the Technion Institute of Technology in Israel fell victim to a ransomware attack that was claimed by a new group called DarkBit. This group aims to associate its actions with hacktivism. The group asked for 80 Bitcoin ($1.7M) payments in order to release the decryptor. The threat actors also stated they would add a 30% penalty if Technion refused to make the payment within 48 hours.
The Italian city of Palermo was the target of an assault by the Vice Society ransomware group in June 2022. Palermo is the capital of the Italian island of Sicily, and the Vice Society ransomware gang claimed responsibility for the attack. The event has caused a major interruption in the provision of services as a consequence.
The Los Angeles Unified School District (LAUSD), which is the second biggest public school district in the United States and the largest public school system in California, disclosed that it had been the victim of a ransomware attack that had an effect on its Information Technology (IT) systems. This attack had the potential to hold the district's data hostage until a ransom was paid.
Lincoln College has made the shocking announcement that it would be closing its doors permanently in May 2022. This decision comes as a direct result of the severe financial effect that the COVID-19 epidemic and a recent ransomware incident had on the institution. Following receipt of payment, the decryption key was made available; however, it was unable to retrieve all of the required data. The catastrophe that took place in December was the event that tipped the scales,.
In July 2022, Macmillan Publishers, a global trade publishing company, announced that it had experienced a security breach that appears to have been a ransomware attack. The company had to shut down its network and offices to recover from the incident.
Medibank – In October 2022, Medibank, which is a health insurance company that offers services for more than 3.9 million people in Australia, said that a ransomware attack was the cause of a cyberattack and the suspension of online servicesOver 3.9 million individuals in Australia are receiving services from Medibank, making it one of the largest service providers in the country.
The New York Racing Association (NYRA) was named as a victim of the Hive ransomware group's extortion website on September 20. Along with the article, the hackers distributed a ZIP package, which can now be downloaded for free from their website. This collection includes every file that was taken from NYRA's computers, and it can be found here.
In February, the City of Oakland experienced a ransomware attack that resulted in the shutdown of all systems. The city is currently working on securing the network and restoring affected services.
Professional Finance Corporation, Inc. (PFC), a debt management company, has reported that a ransomware attack that took place in February 2022 led to a data breach that impacted more than 600 healthcare businesses.
In March, Rompetrol, the operator of Romania's largest refinery Petromidia, experienced a cyber attack by the Hive ransomware. As a result of the attack, the petroleum provider had to close down its websites and the Fill&Go service at gas stations.
Sobeys, the food retailer, has reported that it is experiencing technical issues that have been traced back to its IT systems. Nonetheless, the employees assert that all computers in the impacted Sobeys stores were locked out.
In May 2022, SpiceJet, a low-cost airline, faced a ransomware assault on its computer systems.
In June, Sol Oriens announced that the business had been the victim of a ransomware attack using REvil/Sodinokibi, which led to the loss of data. As a direct result of this, the departure times of flights that were originally planned to take place the next morning were pushed back.
The San Francisco 49ers compete in the National Football League at the professional level. The ransomware group known as BlackByte has claimed credit for the assault on the 49ers. The team has not yet provided confirmation that the ransomware was successfully delivered. Despite this, they have said that they are in the process of restoring systems, which suggests that the devices may have been encrypted.
Thales – The Lockbit 3.0 ransomware organization started releasing a 9.5 gigabyte archive file after the French multinational high-tech corporation Thales organization refused to pay the required ransom. The file is believed to include stolen information from Thales.
The United States Marshals Service was the victim of a security breach that led to the compromise of critical information. An event reportedly took place in February in the year 2023, according to a representative. During this time period, the service made the discovery that a stand-alone USMS system had been subject to an incident involving ransomware and data exfiltration.