FOR IMMEDIATE RELEASE:
May 13, 2013
Contact: Mary Kay LeMay
Federal News Radio and WTOP Websites Back After Cyber Attack
Users encouraged to run security scan on their computers
WASHINGTON – The news websites, FederalNewsRadio.com and WTOP.com, are accessible to all Internet users following resolution of a cyber attack against the websites. Users accessing the websites from all web browsers, including Internet Explorer, have full access to both websites.
Insight by Carahsoft: Learn how the FedRAMP PMO and its partners believe the end result of many of ongoing initiatives is a better, faster and cheaper cloud security program by downloading this exclusive ebook.
“Getting the websites back up and running safely for all users has been our top priority,” said Joel Oxley, Senior Vice President and General Manager of Federal News Radio and WTOP. “We take our users’ privacy very seriously, and we have taken steps to prevent similar occurrences. We apologize to our user community for any inconvenience that this incident has caused.”
FederalNewsRadio.com and WTOP.com were victims of cyber attacks last week. When the attacks were discovered, an investigation was launched immediately, the malicious code was removed, additional security measures were installed, and federal law enforcement officials were notified of the incident.
Access to the websites from Internet Explorer web browsers was blocked to allow for a careful examination of how site security was compromised and after the initial review, which suggested the hackers may have targeted Internet Explorer users.
Full access to the websites was restored on Saturday evening, May 11, 2013, after a review of site security and implementation of recommendations to fix the vulnerabilities the attacker exploited to gain access to the websites. The review was conducted and recommendations were made by Mandiant, an internationally recognized cybersecurity consulting firm.
“We have found and eliminated the vulnerabilities that were exploited,” said John Spaulding, the Washington, D.C. Director of Information Systems for Hubbard Radio, the parent company of Federal News Radio and WTOP.
Computers infected with the malware may display a pop-up message indicating that the computer is infected with a virus. This pop-up message may be fake if it prompts the user to click on a link, which takes them to a website that is not recognized by the user. This fake website offers security software for sale and prompts users to provide personal information, including credit card numbers. Users should not provide information, if prompted to do so.
Computers with up-to-date anti-virus programs and security software should identify the malware and provide instructions on how to delete or quarantine it.
Out of an abundance of caution, FederalNewsRadio.com and WTOP.com users who accessed the websites from any web browser during the cyber attack, which occurred approximately from May 5 to May 7, are encouraged to update and run their security software and perform a malware scan on their computer. (See below for more information on how to run a malware scan.)
In addition, the passwords for all registered users and users who receive breaking news, daily headline or other emails from both websites have been reset. These users have been contacted directly, informed of the need to reset their passwords the next time they visit the websites, and encouraged to change their passwords on other websites where they use the same password.
“During the cyber attack, it is possible the database of FederalNewsRadio.com and WTOP.com email users may have been compromised. However, we have no evidence that any log-in information was actually acquired by the hackers,” said Spaulding.
Neither FederalNewsRadio.com or WTOP.com collect or store social security numbers or credit card information.
FederalNewsRadio.com and WTOP.com are reaching out to all users, via email messages and through social media, to make them aware of the situation. More information on how to detect malware on a computer can be found below.
The malware attack targeted the Internet Explorer browser. If you accessed FederalNewsRadio.com or WTOP.com from Internet Explorer recently, you may have been infected. While other browsers may not have been directly infected, the malware still may have installed a cookie on your browser. We urge everyone to clear their cookies and browser cache no matter what browser they have been using to access FederalNewsRadio.com and WTOP.com, and to do a full virus scan on their machine (see instructions below).
An infected machine may exhibit some or all of the following behavior:
An infected machine will likely open numerous windows with an error message such as:
Want to stay up to date with the latest federal news and information from all your devices? Download the revamped Federal News Network app
You may also see error messages when trying to access the Internet, such as the ones below:
If you don’t already have an anti-virus program on your machine, download one. Some free possibilities are AVG or Avast. A removal tool, which may help, can be found here. The best practice for removing malware is to download the anti-virus program to a trusted, non- infected computer instead of the computer which you believe has the virus.
If you have access to a trusted, non-infected computer:
If you do not have access to a trusted, non-infected computer: