The Weather Channel goes off the air for 90 minutes after ransomware infection

The Weather Channel IT staff dealt with the ransomware infection by restoring impacted computers from backups.
Written by Catalin Cimpanu, Contributor
The Weather Channel
Logo: The Weather Channel // Composition: ZDNet

The Weather Channel's Atlanta headquarters were hit by ransomware yesterday, April 18, and the station's live TV broadcast was interrupted for 90 minutes as a result.

The incident occurred at around 6:00 am, local time, when the TV station's daily morning live show AMHQ stream went down for minutes, before being replaced with re-runs of Heavy Rescue.

During that time, The Weather Channel's IT staff restored impacted computers from backups, but the entire process took 90 minutes before the TV station was able to come back on air with its regular programming.

Contrary to popular belief that nobody watches The Weather Channel anymore, many users immediately noticed that something was wrong.

Following hundreds of user inquiries on Twitter and Facebook, the TV station confirmed that it had fallen victim to a "malicious cyber-attack," but did not give out any other details.

The Weather Channel did not reply to requests for comments from ZDNet last night on the nature of the incident; however, Atlanta local TV station 11Alive reported that the company's main headquarters had fallen victim to a ransomware infection, which was the source of the live broadcast outage.

Today, The Wall Street Journal confirmed 11Alive's report, citing sources with the Federal Bureau of Investigation who said they were investigating the TV station's outage as a ransomware incident.

This incident shows once again that nobody's safe from ransomware infections. While most of the time ransomware authors target home users, local municipalities, schools, or healthcare institutions, ransomware gangs won't refuse any vulnerable network if they find it.

The best example of this happened earlier this week when in an extreme case of irony ransomware infected the internal network of Verint, a well-known cyber-security and threat intelligence company.

Cybercrime and malware, 2019 predictions

Related malware and cybercrime coverage:

Editorial standards