Detroit PBS Faces Major Cybersecurity Breach by Qilin Group

Incident Date: Sep 25, 2024

Attack Overview

Victim: Detroit PBS
Industry: Education
Location: USA
Attacker: Qilin
First Reported: September 25, 2024

Qilin Ransomware Group Targets Detroit PBS in Significant Cyber Attack

Detroit PBS, a prominent educational and cultural resource in the Detroit area, has fallen victim to a ransomware attack orchestrated by the Qilin group. The attack, discovered on September 24, resulted in the compromise of 573 GB of data, posing a significant threat to the station's operations and its role as a community-licensed public television station.

About Detroit PBS

Detroit PBS, officially known as Detroit Public Television, is a non-commercial public television station serving the Detroit metropolitan area. It is renowned for its diverse programming that emphasizes education, community engagement, and the arts. As Michigan’s only community-licensed public television station, Detroit PBS stands out for its strong community ties and commitment to transparency, as evidenced by its GuideStar Platinum Seal of Transparency. The station operates multiple channels and services, including the classical and jazz radio station WRCJ 90.9 FM, and reports an annual revenue of approximately $22.4 million, primarily from viewer support.

Details of the Ransomware Attack

The Qilin ransomware group, known for its sophisticated cyber attacks, claimed responsibility for the breach. The attackers reportedly exfiltrated a substantial amount of data, impacting Detroit PBS's ability to serve its audience effectively. The attack highlights vulnerabilities in the station's cybersecurity infrastructure, which may have been exploited through phishing emails or other common entry points used by ransomware groups.

Profile of the Qilin Ransomware Group

Qilin, also known as Agenda, operates under a Ransomware-as-a-Service model, providing affiliates with tools to conduct ransomware operations. The group has gained notoriety for its use of Rust-based malware, which enhances its evasion capabilities. Qilin employs a double extortion strategy, encrypting data and threatening to release it unless a ransom is paid. The group has targeted over 150 organizations across 25 countries, with a focus on sectors like healthcare and education.

Qilin's ability to penetrate systems is often attributed to its use of phishing emails and exploitation of network vulnerabilities. The group's dark web presence serves as a platform for extortion, where they post details about their victims to pressure them into compliance.
