(Reuters) – Tribune Publishing Co
The company has made “lots of progress” in repairing infected computer systems, the person said. Still, the Tribune’s network has not yet been restored to normal, according to the person, who was not authorized to publicly discuss details of the repair effort.
The cyber attack on the company’s back office systems was identified on Friday and disrupted production of Saturday editions of papers that use its production platform. That included Tribune-owned papers such as the Baltimore Sun and Orlando Sentinel, as well as publications that use part of its production platform, including the Los Angeles Times and San Diego Tribune.
It is the latest in a string of cyber attacks that have disrupted operations at manufacturing plants, hospitals, 911 emergency dispatch centers and companies around the world.
These kinds of cyber attacks are often extortion schemes in which hackers use a type of computer virus known as “ransomware” that cripples networks, then offers to restore access in exchange for a payment.
Tribune has not said if ransomware was used in the attack, identified any suspects or discussed possible motivations.
“We are working across our organization and employing many external expert resources to help contain the malware, remediate any lingering issues and protect our environment,” Tribune said in a statement emailed to Reuters on Monday.
The attack only affected newspaper production and did not compromise data of readers or advertisers, the statement said.
Tribune Publishing shares were up 1.3 percent in midday trading, compared with a 0.4 percent gain for the S&P 500 Index.
(Reporting By Jim Finkle in New York; editing by Grant McCool)