
Ryuk Malware Outbreak Cripples L.A. Times and Tribune Papers Nationally

By SentinelOne

On the evening of Dec 29, 2018, the Los Angeles Times reported a malware attack disrupting the delivery of newspapers across Tribune Publishing’s national network of papers.  Several individuals with knowledge of the Tribune breach said the attack appeared to be in the form of “Ryuk” ransomware.  SentinelOne blocks Ryuk pre-execution using static AI as well as on-execution using behavioral AI. Ryuk highlights the importance of a security solution like SentinelOne that provides defense in depth and is immune to tampering.

At SentinelOne, our global research team has seen Ryuk on the rise since the summer months of 2018. As the LA Times/Tribune breach shows, legacy AV and backup solutions aren't sufficient to combat what the U.S. Department of Health and Human Services' cybersecurity program dubs a "highly targeted, well-resourced and planned" attack. Aside from bypassing legacy AVs, Ryuk also disables third-party backup services, including Acronis, SQLSafe, VEEAM, and Zoolz.

“Every market across the company was impacted,” said Marisa Kollias, spokeswoman for Tribune Publishing. She declined to provide specifics on the disruptions, but the company’s properties include the Chicago Tribune; Baltimore Sun; Capital Gazette in Annapolis, Md.; Hartford Courant; New York Daily News; South Florida Sun Sentinel and Orlando Sentinel.

At SentinelOne, we help our customers stay out of the news, even if they're in the news business. With the right defenses in place, the Tribune would be enjoying its New Year's holiday weekend and its subscribers would be reading their papers.

To learn more about Ryuk ransomware and how SentinelOne provides autonomous prevention, detection, and response capabilities that thwart this malware, check out our blog covering the rise of Ryuk.

