There have been a lot of ransomware attacks on notable companies this year, including a June one on Cox Media (which Cox only formally acknowledged as a ransomware attack last week). It appears that the latest one came against Sinclair’s local broadcast affiliates. As Catalin Cimpanu writes at The Record, this led to Sinclair stations across the U.S. going down for significant parts of the day Sunday, with the stations calling that “technical issues,” but sources confirming to Cimpanu it was ransomware:
TV broadcasts for Sinclair-owned channels have gone down today across the US in what the stations have described as technical issues, but which sources told The Record to be a ransomware attack.
…As a result of the attack, many channels weren’t able to broadcast morning shows, news segments, and scheduled NFL games, according to a barrage of tweets coming from viewers and the TV channels themselves.
“Internally, it’s bad,” a source who had to call Sinclair employees on their personal numbers to get more details about the attack, told The Record earlier today in a private conversation.
The attack could have been isolated, but many sections of the Sinclair IT network were interconnected through the same Active Directory domain, allowing the attackers to reach broadcasting systems for local TV stations.
Cimpanu’s piece notes that this attack started in the early hours of Sunday morning, and took down the Sinclair internal corporate network, email servers, phone services, and local networks’ broadcasting systems. Sinclair was able to replace some local stations’ planned programming with a national feed, allowing some stations to stay on the air, but this wound up being a major issue for them. And Sara Fischer of Axios added further confirmation this was ransomware:
Two sources confirm to @axios that Sinclair’s systems are down following @TheRecord_Media scoop about ransomware attack. Comes days after Cox Media Group acknowledged a that cyberattack this past summer was ransomware. https://t.co/TvWSUfVg5J
— Sara Fischer (@sarafischer) October 18, 2021
And as Cimpani wrote in his story but also noted on Twitter, this came after a previous network security issue at Sinclair in July led to a company-wide password reset:
https://twitter.com/campuscodi/status/1449884775934795777
On the NFL front, Sinclair has 57 Fox affiliates and 31 CBS affiliates. It’s not clear if all of those affiliates were still affected by issues during those stations’ NFL broadcasts today, but there were certainly plenty that were impacted. (Sinclair also has 25 NBC affiliates, but it’s unclear if these issues extended into Sunday Night Football.) And this led to a lot of complaints about a lot of stations (Cimpanu’s piece includes a graphic of many of the tweets complaining about this).
A particularly interesting way this was shown was in responses from the Hulu Support Twitter account, which had quite the day of responding to fan complaints. It’s not clear that all of the issues here are with Sinclair stations, but many of them appear to be. Here are just a few of the many, many complaints at that account, and its usual response of “Try using your Hulu credentials to log in through the station’s website and watch that way”:
We're terribly sorry this behavior has affected your streaming experience! We've received similar reports and are investigating what occurred. Once again, we apologize for any inconvenience caused.
— Hulu Support (@hulu_support) October 18, 2021
Apologies! We're currently dealing with a behavior impacting the feeds from several local affiliates. We're working with our partners to get this cleared up. For now, you may be able to stream on the network's app/site with your Hulu login: https://t.co/qxlmnIPbSj.
— Hulu Support (@hulu_support) October 18, 2021
Apologies, Brett! While the game is over now, it sounds like you ran into a behavior our team is currently looking into. We'll be sure to pass on your report! If you're having trouble now, we suggest trying: https://t.co/qxlmnIPbSj as a possible workaround. Thank you!
— Hulu Support (@hulu_support) October 18, 2021
An interesting element of the streaming universe is that it’s usually not terribly clear where people should go to complain. And there have been issues with streaming MVPDs that have only affected their services, not the base channels. But in this case, it appears to have been the underlying channels that were at issue. (And this is just the latest story in a series of recent not–great stories for Sinclair.)