The Weather Channel confirmed an attack that affected its services for 90 minutes. Security experts believe it reveals the inherent risks of broadcasting's transformation to IP-based networks.
“We experienced issues with this morning's live broadcast following a malicious software attack on the network,” The Weather Channel said on Twitter. “We were able to restore live programming quickly through backup mechanisms. Federal law enforcement is actively investigating the issue. We apologize for any inconvenience to viewers as we work to resolve the matter.”
The attack occurred between 6 and 7.30 am and only affected the live broadcast. While the broadcast was down, The Weather Channel played canned content, before broadcasting from backup services.
An Evolving Threat to Journalism
Weather is a relatively minor target, but such attacks could be used in the future to disrupt breaking news broadcasts or censor content. A nation-state could theoretically highjack feeds and push propaganda if security practices were lax.
However, it's worth noting that it's still unclear how attackers compromized The Weather Channel's systems. With proper security, attacks like these shouldn't happen, but the attack landscape is constantly evolving. Even tech giants like Microsoft and Facebook have even experienced issues in recent times.
“At this time the details of the cyberattack have been limited though it appears to have impacted the company's ability to broadcast live weather though backup systems enabled the company to restore some production systems,” said Joseph Carson, chief security scientist at Thycotic, to Threatpost. “It will be interesting to see if this attack is related to the most recent string of malicious malware impacting other global organizations such as the LockerGoga ransomware that impacted Norsk Hydro several weeks ago, causing more than over $40 million in damages so far.”