Fulton, MO 32° View Live Radar Sat H 30° L 8° Sun H 26° L 14° Mon H 39° L 35° Weather Sponsored By:

Origin of virus that hobbled newspapers still unclear

Origin of virus that hobbled newspapers still unclear

December 31st, 2018 by Associated Press in News

A truck is parked outside the Los Angeles Times Olympic Facility in Los Angeles, Sunday, Dec. 30, 2018. A computer virus hit the newspaper printing plant in Los Angeles, and at Tribune Publishing newspapers across the country. (AP Photo/Damian Dovarganes)

LOS ANGELES (AP) — The origins of a suspected computer attack that disrupted the Los Angeles Times and Tribune Publishing newspapers remained unclear Sunday after causing delivery delays and being brought to the attention of federal investigators.

San Diego Union-Tribune Publisher Jeff Light described the incident as "what now seems to have been a malicious attack on the company by computer hackers" in a message posted to the newspaper's website. He told readers the disruption had mostly seemed to have been brought under control.

The suspected attack prevented the Chicago Tribune, the Baltimore Sun and other papers from publishing paid death notices and classified ads Saturday. However, Tribune Publishing has said no news websites were affected and no customer information was compromised.

Katie Waldman, a spokeswoman for the Department of Homeland Security, said in an email Sunday that the agency was "aware of reports of a potential cyber incident" affecting several news outlets. She said the department is "working with our government and industry partners to better understand the situation."

The Los Angeles Times, citing "several individuals with knowledge of the Tribune situation," reported the attack appeared to be in the form of "Ryuk" ransomware. Tribune Publishing sold the Los Angeles Times and the San Diego Union-Tribune earlier this year for $500 million to biotech billionaire Dr. Patrick Soon-Shiong, but the companies continue to share software, according to the newspaper.

An advisory by the U.S. Department of Health and Human Services' cybersecurity program earlier this year described "Ryuk" attacks as "highly-targeted, well-resourced and planned."

Mark Weatherford, a former DHS deputy under secretary for cybersecurity who is now chief cybersecurity strategist at California-based vArmour, said Sunday that phishing links are the most common way such attacks gain entry.

"It's fairly non-discriminatory. This could happen to anybody, although it seems to be more of a targeted attack," Weatherford said. He added, however, that it was too early to draw conclusions.

Tribune Publishing also reported the attack to the FBI on Friday, the Chicago Tribune said. The FBI did not immediately return a message seeking comment Sunday.