One of the largest newspapers in Philadelphia was hit by a cyber attack last weekend, which led to major disruptions in the production of its Sunday edition. The Philadelphia Inquirer is still facing difficulties with daily operations due to the attack, and staff have been instructed to continue working from home until at least May 16 while third-party cybersecurity experts work to restore the systems.
The media company is still unable to gauge when the systems will be fully restored, and its publisher, Lisa Hughes, said in an email to Dark Reading that management is still unaware of the cause of the attack. Despite the obstacles, the Inquirer is still publishing and updating stories on Inquirer.com, albeit at a slower pace than usual.
The cyber attack halted production within print production, leaving readers without a physical copy of their Sunday paper. While the Inquirer was able to publish on May 15, the paper’s classified and obituary sections were absent from Monday’s print edition and will only be reappearing on May 17.
This is the most significant disruption to the Inquirer’s production in 27 years, and it happened at an inopportune time for the news organization, occurring just days before a key mayoral election in the city.
While the Inquirer has not divulged the type of attack or the identity of the attackers, it is evident that the media company was blindsided by the extent of the disruption. As cyber threats increase, organizations in all sectors must prioritize robust cybersecurity measures, including firewalls, intrusion detection systems, and antivirus software, complemented by regular updates and patches to eliminate potential vulnerabilities.
The Inquirer’s attack is not its first encounter with cybercriminals; its employees have also been targeted by spear-phishing campaigns impersonating senior management, including Hughes. The Inquirer has not yet required multi-factor authentication (MFA) across its key systems, a basic cornerstone of security that organizations should prioritize to prevent cyberattacks. Despite the effectiveness of MFA decreasing as cybercriminals grow more sophisticated, hardware tokens can reduce the risk of interception and duplication, providing an added layer of security and making them a more effective and secure form of MFA.
Proactive cybersecurity measures like continuous monitoring and regular security audits can also go a long way in preventing cyberattacks. While the Inquirer has invested significantly in digital security and has undergone regular security audits, the vulnerability exploited in the attack had not previously been flagged for investigation.
The incident should serve as a reminder to organizations to develop solid incident response and business continuity plans that can minimize downtime and maintain operations in the event of a cyber attack. Cybersecurity should be a top priority for organizations in all sectors to prevent the kind of disruption that the Inquirer experienced.