• by Ray Schultz , Columnist, March 2, 2025

Lee Enterprises, whose operations were affected by a cyber attack in February, apparently was the victim of the Qilin ransomware group.

Qilin announced it was the perpetrator in a post late last week, setting March 5 as the deadline for paying the demanded ransom, according to Security Week. 

Otherwise, Qilin says it will not release the data it has stolen. This includes 350 Gb of data, including “investor records, financial arrangements that raise questions, payments to journalists and publishers, funding for tailored news stories, and approaches to obtaining insider information.” 

Are you ready for an episode like this? A ransomware attack can shut down an entire publishing business, affecting both printed and online products. 

Qilin, which reportedly is tied to Russia, may be one of the worst. 

Lee acknowledged in February that its business was affected by the attack. 

“The incident impacted the Company’s operations, including distribution of products, billing, collections, and vendor payments,” the firm said in an SEC filing.  

It adds, “Distribution of print publications across our portfolio of products experienced delays, and online operations were partially limited.”

The systems outage occurred on Feb. 3.

What should you do if Qulin or another cyber attacker strikes? 

Tripwire advises companies to: 

• Conduct secure offsite backups.
• Utilize up-to-date security solutions.
• Execute network segmentation to restrict the attacker’s ability to spread throughout your company. 
• Use unique passwords and multi-factor authentication to protect sensitive data.
• Encrypt sensitive data. 
• Disable functions that your company does not need. 
• Educate your staff.