1(630)802-8605 Ravi.das@bn-inc.net

When the Internet boom started back in the late '90s, all we could do was sit and marvel at the sheer amount of VC money that was being pumped into these startups.  Of course, that era of anything .com has now fast dissipated, but its impacts and the evolution that it started can never be forgotten, and in fact we are forging ahead with it into the new year of 2019, and possibly even into the decades ahead.

This revolution is what I term the “Electronic Revolution”.  The Internet bubble was the catalyst that made everything go electronic, and in some instances it even caused the giants of business to shutter their doors forever.  A prime example of this is the ever-famous Borders bookstore.

At some point in time, they held the market dominance for anything related to the printed category, such as books, magazines, etc.  But given that everything content-wise has now pretty much gone electronic, just about every customer can now access what they need by simply purchasing and downloading an E-Book, getting it on their Kindle, or even simply reading news headlines on their Smartphones.

As a result, Borders shut its doors forever, and even Barnes and Noble, one of the leaders in the print market, has now seen its market share erode as well. But printed content still does exist, and there is still a large part of the population that wants its newspapers delivered the old-fashioned way, through actual print.

In fact, it is these legacy systems that are now becoming a prime target for the Cyberattacker.  This is best exemplified by the recent Malware attack that just occurred a few days ago on some of the major newspapers.  The impacted print versions included the following:

* The Los Angeles Times;
* The New York Times;
* The Wall Street Journal;
* The San Diego Union-Tribune.

The points of impact were the various printing centers that published these newspapers, most notably the servers that were used to facilitate the printing process.  They were infected with a new type of Malware, called the “Ryuk Ransomware”.  This was first thought to be a virus, until its devastating impacts were felt much later.  For instance, many of the newspaper subscribers did not get their Saturday edition.

The Ransomware was first detected on December 28th, and it led to further printing and distribution delays with the Chicago Tribune, the Ft. Lauderdale Sun-Sentinel, and the Baltimore Sun.

It even curtailed the distribution processes of the West Coast print newspapers of the Wall Street Journal and the New York Times.  These are all printed at the Los Angeles Times’ Olympic printing plant in downtown Los Angeles.

It should be noted that although the Ryuk Malware has been claimed to be a Ransomware, it has never been officially cited as one by the Cybersecurity Industry.  Rather, only inside sources at the LA Times called it a Ransomware, and they believed that this attack was actually launched by a Cyberattack group originating in a different country (although not officially confirmed, it is more than likely either Russia, China, or even North Korea).

Whatever the form of the attack was, whether it was just a deployment of a Malware bug or an all-out Ransomware attack, the good news is that it appears that none of the confidential and private information/data of the newspapers was ever compromised.

This includes such PII (Personally Identifiable Information) as physical mailing addresses, phone numbers, E-Mail addresses, credit card information or even other forms of banking information.

My thoughts on this?

Well, my first inclination is to think that this is not an actual Ransomware attack.  Remember, with these kinds of attacks, usually computers and servers are frozen up and locked, until a specific ransom is paid, usually by Bitcoin.  But there is no mention of that at all from the various sources that I checked out, so that leads me to believe that this was a “simple” Malware Attack.

But apparently, this is not the first time that the Ryuk Malware has made its presence known on the Cyberattack landscape (https://cyware.com/news/ryuk-ransomware-suspected-in-the-cyberattack-on-us-newspapers-92ad95a1).

For instance, according to a Cybersecurity firm known as “Check Point Research”, it has already attacked a few victims worldwide, most notably the restaurant chain known as “Recipe Unlimited.”

A detailed report from Check Point Research about the Ryuk Malware can be seen at this link below:

https://cyware.com/news/ryuk-ransomware-suspected-in-the-cyberattack-on-us-newspapers-92ad95a1

This type of attack only underscores what is to come in the future.  As I have mentioned, the Cyberattacker is starting to shift away from targeting purely digital assets to much more tangible, physical-based processes that are legacy based.

Here in the United States, many of these types of infrastructures are still left unprotected, because during those times, the thought of Cyberattacks occurring never even entered people's minds.

The only damage that could occur that was conceivable at that point in time was that of a natural disaster.  But given today’s times, what can be done to fortify these legacy systems?  Really, the only thing that can be done is to add on security layers to them. 

If you were to take out these existing processes and try to rebuild modern ones in their place, it would be totally disastrous.

But whatever security add-ons have to be implemented, they must be interoperable with the legacy systems in order to ensure that they work in harmony with one another.  Although it sounds dire in nature, it is quite possible that in 2019 we could see a precursor to another 9/11 style attack, where both the IT and the Critical Infrastructures of the United States are hit at the same time.