Lee Enterprises, whose operations were affected by a cyber attack in February, apparently was the victim of the Qilin ransomware group.
Qilin announced it was the perpetrator in a post late
last week, setting March 5 as the deadline for paying the demanded ransom, according to Security Week.
Otherwise, Qilin says it will not release the data it has stolen. This
includes 350 Gb of data, including “investor records, financial arrangements that raise questions, payments to journalists and publishers, funding for tailored news stories, and approaches to
obtaining insider information.”
Are you ready for an episode like this? A ransomware attack can shut down an entire publishing business, affecting both printed and
online products.
Qilin, which reportedly is tied to Russia, may be one of the worst.
Lee acknowledged in February that its business was affected
by the attack.
advertisement
advertisement
“The incident impacted the Company’s operations, including distribution of products, billing, collections, and vendor payments,” the firm said in an SEC
filing.
It adds, “Distribution of print publications across our portfolio of products experienced delays, and online operations were partially
limited.”
The systems outage occurred on Feb. 3.
What should you do if Qulin or another cyber attacker strikes?
Tripwire advises companies
to:
- Conduct secure offsite backups.
- Utilize up-to-date security solutions.
- Execute network segmentation to
restrict the attacker’s ability to spread throughout your company.
- Use unique passwords and multi-factor authentication to protect sensitive data.
- Encrypt sensitive data.
- Disable functions that your company does not need.
- Educate your staff.