This story is so bizarre. Despite the article being 20+ paragraphs, there are hardly any details. It lists a handful of newspapers spread across the country and just says they were delayed. Could it be any more vague? The most concrete detail provided is that the attack "disrupted a shared production platform" that apparently made it hard for the printing presses to work - but what does that mean? Disrupted how? What was the shared platform? Was it targeted at multiple newspapers, or was this an attack on a single platform that just happens to be used by all of these newspapers?<p>Then, in regards to the origin of the attack, the <i>only</i> detail provided is this single line:<p>> The source identified the attacker only as a “foreign entity.”<p>That's it. There is absolutely no other information given about the origin of the attack. And yet it's in the story headline? Talk about fear mongering.<p>They also either didn't report, or even more confusing, don't know if the attack was reported to the FBI.<p>And just to make it even more bizarre, this entire article is written by LA Times staff and posted on the LA Times website, and then talks about the LA Times (one of the affected newspapers) as if they have no idea how the LA Times was affected. Shouldn't they have a lot more information?<p>Overall, this article seems to be written by someone who has very little information about the incident(s), and very little knowledge about technology. It also reeks of knee-jerk "omfg hackers!1!". In reality, based on the few details that <i>are</i> available, it sounds to me like they just got hit by some boring ransomware virus. It likely wasn't even targeted.
<i>Cyberattack from outside the U.S. hits newspapers across the country, preventing distribution, source says</i><p>Let's go in with Occam's Razor: RLY? No.<p>Theory: We don't have useful backups and suffered a IT meltdown. Soz.
"Outside the US" is such a weird thing. I regularly VPN out through [insert random country] and then poke at "interesting" websites over Tor. Were am I coming from? It's almost impossible to tell, and for 99.999% of all orgs (including government ones), it basically is impossible.
I think it's more likely that some commonly-owned group of newspaper syndicate has been hit by a variety of cryptolocker taking out their windows XP/Vista/7/10 PCs, due to poor network security practices, than they've been maliciously attacked.
One thing I'd guaranteed- it's not china. China is very well adept at paying newspapers and tv firms journalists as my friends from south asia tell me and that is a much cleaner approach.
The NSA's logs will show exactly where it came from. I don't think they will let us know, as it could also be a False flag cyber attack to push a cyberwar against NK, Russia or Iran. A strategy that is so common these days.