Multiple Country Radio Stations Disrupted by Ransomware Attack
Multiple country music radio stations owned by the Cox Media Group are being affected by a potential ransomware attack that occurred on Thursday, June 3rd. Though the radio stations are still able to broadcast, the live feeds on their websites and streaming networks have been disabled, and some stations are unable to update programing or compose news or talk segments due to the cyber attack.
Cox Media Group currently owns a total of 57 radio stations in 20 individual markets, including eight country music stations, all of which are currently not servicing digital feeds from their stations, Saving Country Music can confirm. Cox also owns 31 local television affiliates, many of whom are also experiencing difficulties due to the attack.
The country radio affiliates affected in the attack include:
- WWKA 92.3 – Orlando, FL
- WNGC 106.1 – Athens, GA
- KWEN 95.5 – Tulsa, OK
- WHKO 99.1 – Dayton, OH
- KKBQ 92.9 – Houston/Galveston, TX
- KTHT 97.1 – Houston/Galveston, TX (Classic country)
- KKYX 680 AM – San Antonio, TX (Classic country)
- KCYY 100.3 – San Antonio, TX
Though some of Cox Media’s television stations had returned to normal programming by Thursday evening, many of the company’s radio station streams were still being affected, despite the physical websites remaining online.
The potential ransomware attack comes after the Colonial Pipeline Ransomware cyber attack that occurred on May 7th, shutting down gas supplies to large swaths of the eastern United States. Then earlier this week, meat packer JBS suffered a ransomware attack that had the company shutting down their processing plants across the country. They began returning to normal operations on Wednesday.
Cox Media Group has not publicly addressed the potential cyber attack, and did respond to questions by the time of this report.
the pistolero
June 3, 2021 @ 6:49 pm
Y100 in San Antonio is pure garbage.
Country Legends 97.1 in Houston is great, though. I listened to it almost nonstop from its inception in 2003 until I left Southeast Texas in 2010.
Steel&Antlers
June 4, 2021 @ 1:13 pm
I don’t know if it was any different back in the 00s but these days all 97.1 plays is 90s country, which is great, but if you’re gonna call yourself “Country Legends” you gotta play a little more than that.
the pistolero
June 5, 2021 @ 6:48 am
Well that sucks. That is exactly why we don’t even bother with KKYX in San Antonio anymore. It’s not ALL they play, but as my wife put it, “I listened to KKYX to get away from that!”
’90s country wasn’t terrible, I mean, I lapped that shit up when it was new and I’ll still listen to a lot of it without bitching and I understand time goes on and a lot of people are going to think ’90s country is classic, but as far as I’m concerned “classic” means “before the Class of 1989.”
Fm to C
June 3, 2021 @ 7:09 pm
I can’t be the only one who thinks that hackers taking modern country stations off the air would actually be doing us a favor.
Jake Cutter
June 3, 2021 @ 8:10 pm
Huntin’, Phishin’, Lovin’ every day of it.
Kevin Broughton
June 7, 2021 @ 6:45 am
Yeah, I was just thinking the same thing. This is the feel-good story of 2021.
Ian
June 3, 2021 @ 7:39 pm
I don’t think I would be able to tell if the updated their programing or not.
I Stan For Moe Bandy
June 3, 2021 @ 8:44 pm
Probably some 68-year-old Boomer manager opened the wrong email.
James Hooker, The Fastest Man In Pompeii
June 4, 2021 @ 1:12 am
You may be right on that point. I, for one, have given up on being an internet guru.
NPC
June 4, 2021 @ 1:17 am
You’re more than likely correct; it’s possible that a spearphishing email posing as a Cox Media vendor or advertiser could have suckered at least one employee. Also, at least the stations I know tend to run out-of-date OSes on the regular (i.e., Windows 7) because the software they run won’t work with Windows 10, and Windows 7 is the worst about ransomware resistance. In a worst-case scenario, someone at Cox Media’s head office had open-ended remote access to multiple systems at multiple radio stations and had their computer breached (think nationwide programmer or in-house IT), which led to access to multiple systems; open-ended remote access seems to be another running theme among radio stations. Please note that all of the aforementioned is speculation and that I have no connections or insight into the incident.
The Ghost Of...
June 4, 2021 @ 5:46 am
Damn russians…lol.
Putin hates country radio & he is not alone.
Next target: Nascar. The stages kill every race (#12, #21, #48 & the In-Timmy-Dator)
Hey Arnold
June 4, 2021 @ 7:54 am
The hackers apparently placed only one song on a continuous loop… Which one was it?
Hey Arnold
June 4, 2021 @ 7:56 am
My guess….”Waiting on a Woman” by Brad Paisley
WS
June 4, 2021 @ 12:53 pm
Thats an obvious trap to see who could or would name a song played by these stations!
Hey Arnold
June 4, 2021 @ 3:24 pm
Small Town Boy by Dustin Lynch is the most played song in New England !!
Matt F.
June 4, 2021 @ 9:01 am
The hack was obvious as soon as the first Waylon song came on the radio.
CountryKnight
June 4, 2021 @ 9:03 am
Putin isn’t all bad if he hates modern Nashville music!
The Other Rusty
June 4, 2021 @ 12:58 pm
I spent decades working in Computer IT, including managing servers, backups, and anti-virus stuff. It seems unfathomable to me that the companies that get hacked don’t just wipe and re-image their computers, then restore their files from backups, change ALL passwords for ALL accounts(!), and then tell the hackers to kiss their own behinds.
And it would seem that instead of paying the ransom that the hackers want, those companies could hire a hitman for a lot less money, and could then eliminate the hackers at the source! Of course, most of the ransomware authors are in Russia, but I’m sure there are Russians who would like to make some money by getting the ransomware authors, n’est-ce pas?
It is also mind-boggling to me the way that too many folks allow computers to take everything over. Can’t folks do things manually any more? Hackers shut down your radio station? You don’t have a *manual* mixing board, turntables, and CD players? Or did you put all of your trust to run everything off of your computer(s)? But hey, what do I know! I’m just some old boomer that installed an energy-management system at my company decades ago, and also wrote the software for it. I also designed the system so if the computer that controlled the heating and cooling had any problems, an operator could simply flip a switch, and the heating and cooling would revert to “old-fashioned” control by thermostats on the wall.
Blackh4t
June 4, 2021 @ 1:50 pm
I hear you. Its like people who don’t do physical backups. I have my stuff on separate hard drives, not connected to anything. I suppose I could lose the last few months, but not worth paying a ransom for.
NPC
June 4, 2021 @ 4:39 pm
The insane part is that, even if backups are in place, the higher-ups will often encourage the ransom to be paid because 1) The insurance company will pay the ransom, no matter how insane it is, and 2) it may be faster to pay the ransom than to try to restore the backups. The hackers realize this vicious cycle, and that’s why the size and scope of their targets have grown. This sort of knee-jerk reaction by victims and insurance companies has put everyone in greater danger.
Article for reference: https://threatpost.com/cyber-insurance-ransomware-payments/166580/
Big Tex
June 4, 2021 @ 3:33 pm
I, myself, have paid ransom money to radio stations to stop them from playing ANYTHING by Faith Hill, her plastic-hat-wearing husband, Rascal Flatts, Keith Urban, and several others.
Di Harris
June 4, 2021 @ 6:15 pm
Cracks me up that people think this is coming from Russia.
Get your heads out of your a**es.
The pipeline debacle wasn’t from Russia either.
And, i hope everyone is having a wonderful Friday evening/Saturday morning, wherever you are, globally.
NPC
June 5, 2021 @ 8:20 am
It’s almost as though there’s an entirely other totalitarian regime that most of our major manufacturers, big tech businesses, and media organizations have sold their souls to in order to take their money… who could it be…
Are you still enjoying the new place, Di? I’m continuing to pray for you!
Di Harris
June 5, 2021 @ 12:24 pm
Hi NPC!
Exactly, … couldn’t have said it better.
Thank you for the prayers, so very much appreciated.
Love the new place. Have been here 2 months today.
It’s like living on Pass-A-Grille. Never lack for company.
Have had 3 different overnight guests so far. We’re calling it the vacay pad. Where people wake up to the smell of bacon and we just come & go as we please.
(Put the bacon in the oven. Ridiculously easy. Besides who wants to stand over the stove and get splattered with bacon grease? Not me.)
Hope you and your family are well! You too are in prayer, as well as Trigger & his fam. & everyone else.
: D
Big Tex
June 5, 2021 @ 9:51 am
Soooo . . .
Where are the attacks coming from?
Di Harris
June 5, 2021 @ 12:13 pm
From right here in your own country.
Big Tex
June 5, 2021 @ 1:31 pm
And your evidence for that is . . . what?
Di Harris
June 5, 2021 @ 2:13 pm
And your evidence for it not originating here is … ?
Big Tex
June 6, 2021 @ 12:26 pm
I have made no claim as to the origins or non-origins of the attacks.
You have, so, you presumably did so with evidence to support your claim, unless, of course, you just like to blather on without any substantive proof.
So, again, your evidence that the attacks did not originate in Russia consists of what?
CountryKnight
June 7, 2021 @ 11:08 am
It is always Russia to the Left.
They see more red than Joe McCarthy did in the 1950s.
Proofreeder
June 5, 2021 @ 5:50 am
These attacks on hospitals, pipelines, and government are a threat to our well being. Congress should declare ransomware attacks as acts of terrorism and authorize the military to go after the attackers just as they would any terrorist group that attacked us. After the Delta Force or Seals put bullets in a few heads, the attacks may slow down.
Big GG
June 5, 2021 @ 8:05 am
This is the best thing to happen to so called country radio in decades.