Fallout from Guardian cyber attack to last at least a month – ComputerWeekly.com

BillionPhotos.com – stock.adobe.
Staffers at the UK’s Guardian newspaper have been informed that their offices will remain shut for at least a month, following the 20 December 2022 suspected ransomware attack on the media organisation’s systems.
According to an internal notice seen by media sector publication Press Gazette, Guardian Media Group (GMG) chief executive Anna Bateson said at the beginning of the week that journalists and other staff would have to continue to work from home.
She said that a fortnight after the incident, a number of key systems still remain offline and are unavailable, and that this was a result of the steps the organisation took to secure itself.
“To reduce strain on our networks and help the enterprise tech, ESD and other involved teams focus on the most essential fixes, everyone must work from home until at least Monday 23 January in the UK, US and Australia, unless you are specifically asked to work from our offices,” said Bateson.
Other reporting described a “total nightmare”, with problems supposedly affecting print production, financial systems including payroll and expenses, and even the on-site canteen at GMG’s London office.
The incident is understood to have begun on the evening of Tuesday 20 December and. according to the Guardian, which broke the news of the incident itself the following day, affected unspecified parts of its infrastructure, although its online publishing systems were not affected, meaning the newspaper was able to continue to publish stories online.
Two weeks on, confirmed details on the incident remain sparse and GMG has not made any further statements as to the precise nature of the incident, although its online subscriber help centre appears to have acknowledged that it was indeed a ransomware attack.
Although it cannot be stated for certain that the attack on GMG was a targeted incident, what can be said with relative confidence is that media outlets are increasingly targeted by threat actors as such incidents can prove highly disruptive and are likely to resonate with a far wider audience.
It can also be fairly said that reporting on major international incidents such as Russia’s war on Ukraine may leave a title exposed to malicious actions by Russia-backed or aligned groups. Additionally, any publisher of titles that skew to the different ends of the political spectrum – in GMG’s case, its titles lean to the liberal centre and left wings – may also find themselves the targets of politically motivated hacktivism.
Dan Vasile, vice-president of strategic development at BlueVoyant, and a former cyber security operator in the media sector, conducted research into the security challenges that the media industry faces in 2022.
“The media industry is often targeted because of the influence it holds. Media companies get high-volume traffic and are trusted by their audience,” Vasile told Computer Weekly in emailed comments.
“This puts a target squarely on the backs of news organisations. The domino effect is in full force: Thomson Reuters, The New York Post, Fast Company, and now The Guardian, among countless previously reported breaches.
“Generally speaking, large media organisations have structured cyber security programs in place, but as companies’ digital estates become well defended, malicious actors turn their attention to the supply chain, opening up a whole new attack surface,” he said.
The BlueVoyant research – which was published in August 2022 – said there were material security failings across the media sector’s supplier ecosystem, compounding the issue.
The incident at GMG also demonstrates a firmly established trend of executing large-scale cyber attacks around major holiday periods – the 2021 attack on Kaseya that unfolded over the US 4 July holiday being an excellent example – with IT and security teams stretched thinly due to holiday cover, the chances of a successful attack can slightly increase.

When building a list of emerging technologies to watch, it’s essential to also consider sustainability — a concept gaining more …
Looking for information on digital transformation? Our list of 12 must-reads covers everything from formulating a digital …
Technology managers will be boosting cybersecurity, optimizing previous investments and staying on top of AI — while they also …
The exploit that led to the Rackspace ransomware attack, referred to as OWASSRF, combines two Exchange Server flaws — CVE-2022-…
Cloud provider Rackspace was just one of several major enterprises to suffer a ransomware attack, according to public disclosures…
A new exploit chain using one of the ProxyNotShell vulnerabilities has bypassed Microsoft’s URL Rewrite mitigations from …
As multi-cloud networking becomes an industry standard, enterprises increasingly seek tools to wrangle data, services and …
Despite the volatile economy and tech industry, networking pros should see a strong job market in 2023, with opportunities for …
When planning wireless network capacity needs, tally your total endpoints, monitor application bandwidth usage and consider …
Quantum computing has lots of potential for high compute applications. But the technology is still in the early stages, so it may…
Data lakes and data warehouses both store big data. When choosing a lake or warehouse, consider factors such as cost and what …
Classical and quantum computers have many differences in their compute capabilities and operational traits. Know their …
Expect more organizations to optimize data usage to drive decision intelligence and operations in 2023, as the new year will be …
These 10 roles, with different responsibilities, are commonly a part of the data management teams that organizations rely on to …
These eight challenges complicate efforts to integrate data for operational and analytics uses. Here’s why, plus advice on how to…
All Rights Reserved, Copyright 2000 – 2023, TechTarget

source

Related Articles