BillionPhotos.com – stock.adobe.
Staffers at the UK’s Guardian newspaper have been informed that their offices will remain shut for at least a month, following the 20 December 2022 suspected ransomware attack on the media organisation’s systems.
According to an internal notice seen by media sector publication Press Gazette, Guardian Media Group (GMG) chief executive Anna Bateson said at the beginning of the week that journalists and other staff would have to continue to work from home.
She said that a fortnight after the incident, a number of key systems still remain offline and are unavailable, and that this was a result of the steps the organisation took to secure itself.
“To reduce strain on our networks and help the enterprise tech, ESD and other involved teams focus on the most essential fixes, everyone must work from home until at least Monday 23 January in the UK, US and Australia, unless you are specifically asked to work from our offices,” said Bateson.
Other reporting described a “total nightmare”, with problems supposedly affecting print production, financial systems including payroll and expenses, and even the on-site canteen at GMG’s London office.
The incident is understood to have begun on the evening of Tuesday 20 December and. according to the Guardian, which broke the news of the incident itself the following day, affected unspecified parts of its infrastructure, although its online publishing systems were not affected, meaning the newspaper was able to continue to publish stories online.
Two weeks on, confirmed details on the incident remain sparse and GMG has not made any further statements as to the precise nature of the incident, although its online subscriber help centre appears to have acknowledged that it was indeed a ransomware attack.
Although it cannot be stated for certain that the attack on GMG was a targeted incident, what can be said with relative confidence is that media outlets are increasingly targeted by threat actors as such incidents can prove highly disruptive and are likely to resonate with a far wider audience.
It can also be fairly said that reporting on major international incidents such as Russia’s war on Ukraine may leave a title exposed to malicious actions by Russia-backed or aligned groups. Additionally, any publisher of titles that skew to the different ends of the political spectrum – in GMG’s case, its titles lean to the liberal centre and left wings – may also find themselves the targets of politically motivated hacktivism.
Dan Vasile, vice-president of strategic development at BlueVoyant, and a former cyber security operator in the media sector, conducted research into the security challenges that the media industry faces in 2022.
“The media industry is often targeted because of the influence it holds. Media companies get high-volume traffic and are trusted by their audience,” Vasile told Computer Weekly in emailed comments.
“This puts a target squarely on the backs of news organisations. The domino effect is in full force: Thomson Reuters, The New York Post, Fast Company, and now The Guardian, among countless previously reported breaches.
“Generally speaking, large media organisations have structured cyber security programs in place, but as companies’ digital estates become well defended, malicious actors turn their attention to the supply chain, opening up a whole new attack surface,” he said.
The BlueVoyant research – which was published in August 2022 – said there were material security failings across the media sector’s supplier ecosystem, compounding the issue.
The incident at GMG also demonstrates a firmly established trend of executing large-scale cyber attacks around major holiday periods – the 2021 attack on Kaseya that unfolded over the US 4 July holiday being an excellent example – with IT and security teams stretched thinly due to holiday cover, the chances of a successful attack can slightly increase.
There were plenty of warnings about metaverse hype, but at CES 2023 there’s business interest in its potential to build 3D …
CES 2023, the annual consumer electronics show, is giving attention to sustainability and tech, including blockchain, that can …
CIOs and IT leaders who want to implement sustainability programs can’t ignore the human element. Learn strategies to build a …
Like last year, ransomware attacks in 2022 caused prolonged disruptions and saw stolen data leaked to public sites. Here are 10 …
Rackspace said Personal Storage Tables of 27 customers were accessed in the attack last month, but added there was no evidence …
To personalize UX, Windows devices aren’t shy about collecting user data. This isn’t ideal for enterprise security. Discover how …
Numerous changes driving 2023 networking trends include network automation, multi-cloud networking growth, security concerns, …
As multi-cloud networking becomes an industry standard, enterprises increasingly seek tools to wrangle data, services and …
Despite the volatile economy and tech industry, networking pros should see a strong job market in 2023, with opportunities for …
Quantum computing has lots of potential for high compute applications. But the technology is still in the early stages, so it may…
Data lakes and data warehouses both store big data. When choosing a lake or warehouse, consider factors such as cost and what …
Classical and quantum computers have many differences in their compute capabilities and operational traits. Know their …
Data observability provides holistic oversight of the entire data pipeline in an organization. Use the five pillars to ensure …
Numerous tools are available to use in big data applications. Here’s a look at 18 popular open source technologies, plus …
Numerous tools can be used to build and manage data catalogs. Here’s a look at the key features, capabilities and components of …
All Rights Reserved, Copyright 2000 – 2023, TechTarget
Privacy Policy
Cookie Preferences
Do Not Sell or Share My Personal Information