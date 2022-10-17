The hacker attack on RecordTV’s systems had a new development. A week after the action, cybercriminals began leaking confidential documents from the broadcaster and employees.

According to cybercrime expert and investigator @akaclandestine, the information is available on the deep web, a kind of “invisible” part of the internet we use today. Ricardo Feltrin’s column, from Splash, had access to a scanned spreadsheet with the group’s expenses, advertising revenue data and even the broadcaster’s legal department.

The scanned passport of one of Record’s entertainment personalities was also viewed. The promise of hackers is that more content is released on the network.

Leak size is uncertain

The extent of the invasion of the company’s systems and the volume of stolen data are still not officially known. So far RecordTV has not commented.

Everything indicates that the attack carried out was of the ransomware type, a strategy that uses a malicious program to hijack information and encrypt it.

In return, criminals ask for a ransom in cash, usually cryptocurrencies. In the case of Record, US$ 5 million (about R$ 25 million) would have been required to return the “key” to access the systems.

According to internal sources, the theft of information involves files of reports, pictures and stored content already shown in the past or that would air in the future.

The release of data from the broadcaster of the evangelical bishop Edir Macedo took place one day after the expiration of the ultimatum given for the payment of the ransom, which was at 1:50 pm on Saturday (15).

The reproduction of copies of the documents suggests that RecordTV did not pay the requested ransom.

Attack is not the first to affect TV station

Other cases of cyber attacks against television stations involving data hijacking have already taken place in other countries, recalls Professor Marcos Simplício, a member of the IEEE (Institute of Electrical and Electronics Engineers).

The professor emphasizes that since there are so many and so everyday cases of ransomware in the world, that it is almost impossible to keep an up-to-date list to compare the size of the cases. That’s why it’s difficult to measure whether Record’s is the biggest ever.

The most recent was this year, when the Colombian channel Caracol television suffered a cyber attack of the type ransomware, on the 22nd of May. As a result, design programs and operational applications were affected. Criminals were unable to access information content on your network.

Another broadcaster that suffered from cybercrime was the Sinclair Broadcast group in 2021, in the United States. The ransomware attack disrupted much of local news programming.

This has been considered one of the most visible attacks in the country since cyber actions of the type carried out against fuel supplier Colonial Pipeline and meat processor JBS USA (the company paid $11 million for the release of the hijacked data).

What to do if your business is hacked

In an attempt to recover its system and guarantee the safety of its employees, RecordTV reported the attack to the cyber crimes department of the Civil Police, which is investigating the situation.

Paying the ransom is not recommended, according to internet security and law experts.

“You should never pay the ransom amount, because that does not guarantee that the criminal will return the data”, says digital lawyer Gisele Truzzi,

According to her, the first procedure that should be adopted as soon as a company discovers that it has been the victim of a cyber-invasion is to contact a digital forensics expert and a lawyer specialized in the area.

“So that these professionals can better guide the company, how to properly protect these evidence so that it can be used later”, he says.

It is also important to register a BO (Occurrence Bulletin). The lawyer recalls that this type of crime falls within the scope of theft and extortion.

“These are two crimes already typified in our Penal Code. Theft can be understood as data theft or misappropriation. And a specific crime is the invasion of someone else’s computer device, described in article 154A of the Penal Code”, completes Truzzi.

How to increase protection from hackers

According to experts, preventive measures to prevent cyber-invasions include:

Keep the operating system of the equipment up to date. This reduces the risk in the face of updates and patches for system errors and vulnerabilities.

Make backup copies, mainly of important files for the organization.

Exercise caution when opening suspicious files and links received in email, in addition to Office document “macros”. It is important that employees are aware of the real risks.

In some cases, immediately formatting the servers and using the backup is able to give back access to the company’s systems. The problem here is that the data accessed by cybercriminals remains leaky.

“Review and reinforce the security of local systems, preferably with the help of specialized companies, to reduce the chances of the problem happening, or to reduce data if new intrusions occur”, emphasizes Professor Simplício.