One of the country’s biggest distributors of syndicated radio programming has started to recover from a massive security incident that crippled its operations for more than a week, The Desk has learned.
In a note sent to radio affiliates on Tuesday, officials at Skyview Networks said it will bring its Internet-based XDS receiver online around 2 a.m. Eastern Time Wednesday (11 p.m. Pacific Time Tuesday). Stations that had their schedules wiped out during the security incident will see those schedules automatically restored overnight, Skyview said.
The move comes after Skyview Networks successfully ran a test of its systems early Wednesday afternoon, according to a person familiar with the matter, who spoke on condition of anonymity because they were not authorized to speak on behalf of the company.
Last Monday, a cybersecurity incident left Skyview Networks unable to deliver network news updates to CBS News Radio and ABC News Radio affiliates, according to a memo seen by The Desk. The incident was first publicized by this reporter for Radio Ink Magazine.
The memo, sent by officials at CBS News Radio, urged Skyview affiliates to fill their schedules with locally-produced programming in the time slots where CBS News Radio updates and the CBS News World Roundup would normally air. ABC News Radio issued a similar memo also urging affiliates to fill network news programming slots with locally-produced segments or public service announcements.
The issue also affected syndicated daytime and evening programming, including XYZ with Erik Zachary, with stations scrambling to fill its schedule with locally-produced shows instead. Some stations simply opted to delay their switch to syndicated programming, running local shows for a few more hours.
Eventually, ABC, CBS and other programming providers were able to deliver some news segments and shows using file transfer protocol (FTP). On Monday, ABC News Radio told affiliates they would deliver live coverage of the State of the Union address by satellite.
Several radio officials expressed frustration over the initial lack of notification by Skyview itself in the first few days of the security incident. Some decided to air news updates from Radio Resources’s USA News, which offered free access to their news segments on a temporary basis, in order to fill the void left by Skyview.
Skyview has offered few details about the incident, but a person familiar with the company’s response classified the security breach as a ransomware attack. The attack appears to be part of a concerted effort by hackers targeting equipment manufactured by VMWare, which has also caused service disruptions in other sectors in France, Italy, Germany, Singapore and the United Kingdom.
The ransomware attack was first publicized on February 3 by the Computer Emergency Response Team of France, about four days after Skyview’s systems were affected by the breach. According to security publication CSO, more than 3,200 servers have been identified as compromised through the attack.