The media company Lee Enterprises said a “cybersecurity event” had created havoc at dozens of its newspapers, prompting some to publish shorter editions or not print at all.
Newspapers across the country owned by the news media company Lee Enterprises were unable to print, had problems with their websites and published smaller issues after a cyberattack last week, the company said.
In a statement emailed on Sunday, Lee Enterprises said that the company was facing disruptions to its daily operations because of a “cybersecurity event,” and that it had notified law enforcement.
Lee Enterprises is the parent company of more than 70 daily newspapers, such as The St. Louis Post-Dispatch, and nearly 350 weekly and specialty publications in 25 states, including Alabama, New York and Oregon. The company did not say how the attack happened or who was behind it.
We are now focused on determining what information — if any — may have been affected by the situation,” the company said.We are working to complete this investigation as quickly and thoroughly as possible, but these types of investigations are complex and time-consuming, with many taking several weeks or longer to complete.
Stay updated with SOC News for cutting-edge security innovations and expert industry insights!
Source :https://www.nytimes.com/2025/02/09/business/media/newspaper-cyberattack-lee-enterprises.html
From traditional investigative methods to zero-day exploits, authorities have a range of techniques at their disposal, including digital searches at borders, which could present concerns for CISOs.
Accessing data on encrypted devices might seem like something out of a hacker or spy movie, but for law enforcement, it’s a very real challenge.
The issue is of relevance to CISOs and other security professionals because workers on sales trips or attending conferences overseas might face demands to decrypt devices and present their contents at border crossings.
Chinese border agents, for example, may use specialized equipment to extract data from devices, even if locked or encrypted.
Contrary to films, brute forcing an AES encryption key or similar encryption technologies is impractical — at least pending the advent of powerful enough quantum computers.
Modern encryption is pretty solid, but luckily for law enforcement and spy agencies the software and people using it are pretty fallible.
Access requests
Gaining access to a suspect’s mobile phone or computer is a high priority for law enforcement.
When a mobile device is seized, law enforcement can request the PIN, password, or biometric data from the suspect to access the phone if they believe it contains evidence relevant to an investigation.
In England and Wales, if the suspect refuses, the police can give a notice for compliance, and a further refusal is in itself a criminal offence under the Regulation of Investigatory Powers Act (RIPA).
“If access is not gained, law enforcement use forensic tools and software to unlock, decrypt, and extract critical digital evidence from a mobile phone or computer,” says James Farrell, an associate at cyber security consultancy CyXcel. “However, there are challenges on newer devices and success can depend on the version of operating system being used.”
Stay updated with SOC News for cutting-edge security innovations and expert industry insights!
