| Recurring |
one_organization, multiple_organization |
(a) The software failure incident happened again at Tribune Publishing, the organization affected by the cyberattack. The incident was not completely resolved yet, as mentioned by Hillary Manning, the vice president for communications at The Los Angeles Times [79089].
(b) The software failure incident affected multiple organizations, including The Los Angeles Times, The San Diego Union-Tribune, The New York Times, The Wall Street Journal, The South Florida Sun Sentinel, The Palm Beach Post, and a water utility in North Carolina. These organizations were impacted by the cyberattack on the printing operations, causing delays and disruptions in distribution [79089]. |
| Phase (Design/Operation) |
design |
(a) The software failure incident in the news articles can be attributed to the design phase. The incident was caused by a cyberattack involving malware that disrupted the printing operations of newspapers owned by Tribune Publishing [79089]. The attack targeted the networks used by Tribune Publishing, affecting the printing operations of newspapers like The Los Angeles Times, The San Diego Union-Tribune, The New York Times, and The Wall Street Journal. The attack was sophisticated and involved ransomware, which scrambled computer programs and files, leading to operational disruptions in the printing process. The malware attack was a result of vulnerabilities in the design and infrastructure of the printing networks, highlighting a failure in the design phase of the system. |
| Boundary (Internal/External) |
within_system, outside_system |
(a) within_system: The software failure incident was caused by a cyberattack involving malware that targeted the networks used by Tribune Publishing, impacting various newspapers including The Los Angeles Times, The San Diego Union-Tribune, The New York Times, and The Wall Street Journal [79089].
(b) outside_system: The cyberattack that led to the software failure incident was reported to have originated from outside the United States, although no specific foreign government was accused. The attack was described as an unusual cyberattack on major newspaper printing operations, potentially politically motivated, and possibly involving ransomware [79089]. |
| Nature (Human/Non-human) |
non-human_actions, human_actions |
(a) The software failure incident was caused by non-human actions, specifically a cyberattack involving malware targeting the networks used by Tribune Publishing [79089].
(b) The cyberattack that disrupted the printing operations of newspapers in Los Angeles, San Diego, and Florida was a result of human actions, specifically a deliberate attack by hackers from outside the United States [79089]. |
| Dimension (Hardware/Software) |
software |
(a) The software failure incident reported in the news articles was primarily due to a cyberattack involving malware that disrupted printing operations at newspapers in Los Angeles, San Diego, and Florida. The attack targeted the networks used by Tribune Publishing, impacting various newspapers sharing the printing networks [79089].
(b) The software failure incident was caused by a cyberattack involving malware, specifically suspected to be a form of ransomware called Ryuk. This ransomware attack scrambled computer programs and files, affecting the transmission of pages from offices to printing presses, leading to delays in printing schedules for newspapers [79089]. |
| Objective (Malicious/Non-malicious) |
malicious |
(a) The software failure incident reported in Article 79089 was malicious in nature. The incident was described as an unusual cyberattack that disrupted printing operations at newspapers in Los Angeles, San Diego, and Florida. The attack was believed to have originated from outside the United States and was suspected to be a form of ransomware, specifically resembling a type called Ryuk. The attack affected the networks used by Tribune Publishing, causing delays in printing schedules and distribution of newspapers like The New York Times and The Wall Street Journal [79089]. The attack was not linked to a ransom demand, but it was clear that the disruption was caused by malicious actors seeking to disrupt operations and potentially gain financially from the attack. |
| Intent (Poor/Accidental Decisions) |
poor_decisions |
(a) The intent of the software failure incident related to poor_decisions:
The software failure incident involving a cyberattack on Tribune Publishing's printing operations, which also affected newspapers like The Los Angeles Times, The San Diego Union-Tribune, The New York Times, and The Wall Street Journal, was likely driven by poor decisions made by the cybercriminals behind the attack. The attack was suspected to be a form of ransomware, possibly Ryuk, which was used to target various critical infrastructure entities. The attackers demanded a ransom payment, and it was reported that the group behind the ransomware received a payment of nearly 100 Bitcoin, equivalent to over $380,000 [79089].
(b) The intent of the software failure incident related to accidental_decisions:
There is no indication in the articles that the software failure incident was due to accidental decisions. The attack was deliberate and targeted, with the cybercriminals behind it likely aiming to disrupt the printing operations of Tribune Publishing and other newspapers for financial gain through ransom demands. |
| Capability (Incompetence/Accidental) |
accidental |
(a) The software failure incident reported in the news article was not attributed to development incompetence. The incident was primarily described as a cyberattack involving malware that disrupted printing operations at newspapers in Los Angeles, San Diego, and Florida [79089].
(b) The software failure incident was accidental in nature, as it was caused by a cyberattack involving malware that targeted the networks used by Tribune Publishing, impacting the printing operations of several newspapers. The attack was described as a sophisticated one that initially appeared to be a malfunctioning computer server before being identified as a malware attack that hindered the transmission of pages to printing presses [79089]. |
| Duration |
temporary |
(a) The software failure incident described in the articles was temporary. The incident was initially contained but then re-emerged and spread through the systems, hindering the transmission of pages from offices to printing presses [79089]. The systems outage caused by the virus or malware was not completely resolved yet, indicating a temporary nature of the failure [79089]. |
| Behaviour |
crash, omission, other |
(a) crash: The software failure incident in the news articles can be categorized as a crash. The incident led to disruptions in printing operations at newspapers in Los Angeles, San Diego, and Florida, causing delays in the distribution of newspapers like The New York Times and The Wall Street Journal [79089].
(b) omission: The software failure incident can also be linked to omission as the system omitted to perform its intended functions at instances, resulting in delays in the transmission of pages from offices to printing presses, impacting the production schedules of newspapers [79089].
(c) timing: The timing of the software failure incident was crucial as it caused delays in the distribution of newspapers, with some copies being delivered a day late due to the system outage caused by the virus or malware [79089].
(d) value: The software failure incident did not directly result in the system performing its intended functions incorrectly. However, the disruption in printing operations and delays in distribution could be seen as the system not delivering the expected value to customers [79089].
(e) byzantine: The software failure incident did not exhibit characteristics of a byzantine failure where the system behaves erroneously with inconsistent responses and interactions. The incident primarily involved disruptions in printing operations and delays in distribution due to the malware attack [79089].
(f) other: The other behavior exhibited by the software failure incident was the spread of the attack through systems governing the interface between news content systems and printing systems, hindering the transmission of pages and impacting the production of newspapers [79089]. |