The M6 Group, France’s largest privately-owned multimedia group, was the victim of ransomware over the weekend, but none of the company’s TV and radio channels suffered any downtime.
The incident took place on Saturday morning, according to a message the company posted on its official Twitter account.
The M6 Group said they managed to contain the infection with the help of its cybersecurity staff, preventing any downtime to any of its ten TV channels, radio stations, and film studios.
However, according to French newspaper L’Express, the company did not escape the incident unscathed, with phone lines and email servers still being down today, on Monday. Following M6’s public announcement, fellow TV station TF1 forbade employees to communicate via email with M6 counterparts, fearing they might get infected as well.
In hindsight, M6 dodged a major bullet and should be thanking its staff for the prompt response that limited the ransomware’s impact.
For example, The Weather Channel went off the air for 90 minutes in April this year following a similar ransomware incident.
Similarly, CBS-owned Entercom, the biggest radio broadcaster in the US, also suffered a similar incident. None of the company’s radio stations went off the air, but the ransomware infection took email servers and internal networks offline for almost two weeks.
Nevertheless, none of these two incidents were on the M6 team’s mind when they first responded to the malware incident on Saturday.
French TV stations live in horror of the TV5 Monde cyber-attack repeating. On April 8, 2015, Russian hackers breached the TV station’s network, took its live feed down for hours, defaced its website and social media account, and came within hours of destroying the TV network’s data, according to the TV5 Monde boss.
The hack was initially claimed by an ISIS-linked hacker group known as the Cyber Caliphate, but was later attributed to one of Russia’s elite cyber-espionage teams known as Fancy Bear.