(Some Guy)   TV stations owned by Sinclair hit by a ransomware attack Sunday, knocking local programming off the air. Sinclair bosses to blame antifa, BLM, and liberals as soon as they learn what bitcoin is   (therecord.media)
    Amusing, Broadcasting, Television station, ransomware attack, Attack, Radio, technical issues, result of the attack, broadcasting systems of local TV stations  
posted to Main » on 18 Oct 2021 at 2:10 AM



I am Tom Joad's Complete Lack of Surprise [TotalFark] [OhFark]
‘’ 6 hours ago  
Fark user imageView Full Size



This needs to be a DAILY occurrence.  Fox, Brietbart, OAN too.
 
GardenWeasel [TotalFark]
‘’ 6 hours ago  
Oh well. Anyway.
 
Bootleg [TotalFark] [OhFark]
‘’ 6 hours ago  
Must not have been the ransomware that doesn't infect computers with Russian keyboards.
 
roddikinsathome [TotalFark]
‘’ 5 hours ago  
Conflicted...
 
E.S.Q. [TotalFark]
‘’ 5 hours ago  
Thank fark ETH is safe from them

/becuz smart contracts
 
Unobtanium [TotalFark] [OhFark]
‘’ 5 hours ago  
The attack could have been isolated, but many sections of the Sinclair IT network were interconnected through the same Active Directory domain, allowing the attackers to reach broadcasting systems for local TV stations.

That sounds like a bad idea. Can someone with actual knowledge enlighten us? I mean, I'm not completely technically illiterate, but I don't know anything about Active Directory.
 
KarmicDisaster [TotalFark] [OhFark]
‘’ 5 hours ago  
No honor among thieves.
 
null [TotalFark] [OhFark]
‘’ 5 hours ago  

"putting all your eggs in one basket"

Instead of separate domains for each station or a region.

If everything is on the same domain then when it goes down everything goes to crap.
 
vudukungfu [TotalFark]
‘’ 5 hours ago  
Soros
 
optikeye [TotalFark]
‘’ 4 hours ago  

Sinclair requires anchors to read script bashing 'fake' news
Youtube aGIYU2Xznb4
 
koder [TotalFark] [OhFark]
‘’ 4 hours ago  

Simplified: imagine every tv station using the same login server, and imagine that login server being compromised.  The login server dictates what programs run on each login/logout (both user and computer) and basically automatically grants domain admin accounts write access to all hard drives on any workstation/server that's part of the same domain.  Between it all, it's an incredibly insecure way of doing things and means just a single compromised domain-admin account can infect nearly everything that logs in.
 
BigGary_ [TotalFark]
‘’ 3 hours ago  
Couldn't have happened to a better group!
 
enry [TotalFark]
‘’ 2 hours ago  

There was the tale of Maersk getting hit and wiping out all of their AD controllers and backups.  Except one system somewhere in Africa(?) that was powered down when the attack happened.  Thus it was the only copy of everyone's account information.

From a sysadmin standpoint it makes sense to have one large domain across the entire organization as it's far easier to maintain over 20-30 domains.
 
bluorangefyre [TotalFark] [OhFark]
‘’ 1 hour ago  
Too bad they didn't make all the stations broadcast the same thing.
 
The Third Man [TotalFark]
‘’ 1 hour ago  
Aww man, I thought it was a signal intrusion at first.  We haven't had a good one of those in a while.

Fark user imageView Full Size
 
puffy999 [TotalFark]
‘’ 30 minutes ago  

Sinclair is cheap as fark and bought in waaaay over their heads.

They are a criminal enterprise.
 
puffy999 [TotalFark]
‘’ 30 minutes ago  
Sinclair bought everything and then immediately screamed "we're too big to fail" in other words.
 
maxandgrinch [TotalFark] [OhFark]
‘’ 28 minutes ago  
Their stations and tech are a bit out of date
Fark user imageView Full Size
 
bhcompy [TotalFark] [OhFark]
‘’ 25 minutes ago  

This is why multifactor authentication is so important.  Any action we have to do on our corporate network forces a secondary authentication mechanism(via app based TOTP or biometrics, depending on what you're accessing)

Site based domains are a pain in the ass, though it's certainly a good idea for there to be a layer between production systems and the general domain.  Our production systems have a separate untrusted domain with a separate authentication method.  If one is compromised, the other is not necessarily.
 
waxbeans
‘’ 21 minutes ago  

bluorangefyre: Too bad they didn't make all the stations broadcast the same thing.


That would be redundant
 
TorpedoOrca
‘’ 12 minutes ago  
in what the stations have described as technical issues

Fark user imageView Full Size
 
Begoggle
‘’ 8 minutes ago  
Fark user imageView Full Size
 
alienated
‘’ 1 minute ago  
SINCLAIR !!!
Fark user imageView Full Size
 
