Cyber Incident Victim: Top FM
Date:
Dec 2022
Location:
Mauritius
Summary
A Mauritian media organization experienced a sophisticated, targeted cyberattack initially suspected to be ransomware, which rapidly propagated across its systems. The attack disrupted operations, rendering its primary YouTube channel inaccessible and forcing temporary content migration to an alternative platform while recovery efforts proceeded. Independent experts confirmed the incident's advanced nature, though the source remained under investigation. Despite significant infrastructure compromise, the entity maintained partial broadcast continuity across radio and digital platforms during remediation.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 3 motives | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
On December 19, 2022, at approximately 14:00 local time, Top Fm and Top Tv experienced a significant cyberattack that initially presented as a ransomware incident. The attack rapidly propagated across their systems, escalating beyond initial assessments. By the following day, independent cybersecurity experts retained by the company’s management confirmed the incident was a targeted attack characterized by sophisticated methods. The investigation revealed the intrusion was deliberate and coordinated, though the specific threat actor remained unidentified at this stage. Technical details regarding initial attack vectors or malware variants were not publicly disclosed. The attack’s progression compromised multiple operational systems, forcing the organization to implement contingency measures to sustain critical services.
The cyberattack caused substantial disruptions, including the complete unavailability of Top Tv Mauritius’ primary YouTube channel, which hosted the station’s video content. Recovery efforts involved direct engagement with YouTube’s support teams to restore access, while temporary content distribution shifted to the Top FM Mauritius YouTube channel. Broadcast operations were impaired, though both entities maintained partial service delivery through radio transmissions and alternative digital platforms. No data theft or extortion demands were mentioned in initial reports. The forensic investigation continued to trace the attack’s origin and methodology, with no public attribution or claims of responsibility. Operational resilience measures prioritized minimal service interruption while remediation and recovery workflows proceeded under expert guidance.