The Weather Channel’s Atlanta headquarters were hit by ransomware yesterday, April 18, and the station’s live TV broadcast was interrupted for 90 minutes as a result.
The incident occurred at around 6:00 am, local time, when the TV station’s daily morning live show AMHQ stream went down for minutes, before being replaced with re-runs of Heavy Rescue.
During that time, The Weather Channel’s IT staff restored impacted computers from backups, but the entire process took 90 minutes before the TV station was able to come back on air with its regular programming.
Contrary to popular belief that nobody watches The Weather Channel anymore, many users immediately noticed that something was wrong.
Following hundreds of user inquiries on Twitter and Facebook, the TV station confirmed that it had fallen victim to a “malicious cyber-attack,” but did not give out any other details.
The Weather Channel did not reply to requests for comments from ZDNet last night on the nature of the incident; however, Atlanta local TV station 11Alive reported that the company’s main headquarters had fallen victim to a ransomware infection, which was the source of the live broadcast outage.
Today, The Wall Street Journal confirmed 11Alive’s report, citing sources with the Federal Bureau of Investigation who said they were investigating the TV station’s outage as a ransomware incident.
This incident shows once again that nobody’s safe from ransomware infections. While most of the time ransomware authors target home users, local municipalities, schools, or healthcare institutions, ransomware gangs won’t refuse any vulnerable network if they find it.
The best example of this happened earlier this week when in an extreme case of irony ransomware infected the internal network of Verint, a well-known cyber-security and threat intelligence company.
Related malware and cybercrime coverage: