Weather Channel Hack Highlights Importance Of Backup And Recovery Measures

A malware attack on The Weather Channel, a US cable network for meteorological data, took down its live broadcast on April 18 for approximately one and a half hours, between 6 and 7:30 a.m. The attack knocked the live broadcasting of "AMHQ" off the air, prompting The Weather Channel to play taped programming until approximately 7:39 a.m.

The network confirmed that it was experiencing difficulties due to a targeted attack, and not some other technical issue: "We experienced issues with this morning's live broadcast following a malicious software attack on the network," a Twitter post by the network read. "We were able to restore live programming quickly through backup mechanisms. Federal law enforcement is actively investigating the issue."

Jim Cantore also confirmed the attack on-air, saying: "The Weather Channel, sadly, has been the victim of a malicious software attack today." And while many people were wondering about who would want to hack The Weather Channel, this incident highlights the importance of backup and disaster recovery as integral parts of an organization's risk management strategy.

This incident should serve as a big red flag for news organizations, considering that most networks are moving to internet protocol (IP) to distribute their content. It is still rare to see such attacks, with the other public example being the 2015 hack of French network TV5Monde. The investigation that was carried out at the time seemed to point to the culprit being Russia's APT28 group, although the attackers identified themselves as the Cyber Caliphate, a group allegedly linked to the Islamic State.

Attacks like this are a reminder that threat actors can disrupt much more than your morning weather forecast. The Weather Channel managed to restore some of its operational capabilities almost immediately and recover from the attack relatively fast, mainly due to offline backups. And it did so without paying a ransom or negotiating with the attackers.