{"id":595315,"date":"2023-01-08T05:49:22","date_gmt":"2023-01-08T11:49:22","guid":{"rendered":"https:\/\/news.sellorbuyhomefast.com\/index.php\/2023\/01\/08\/fallout-from-guardian-cyber-attack-to-last-at-least-a-month\/"},"modified":"2023-01-08T05:49:22","modified_gmt":"2023-01-08T11:49:22","slug":"fallout-from-guardian-cyber-attack-to-last-at-least-a-month","status":"publish","type":"post","link":"https:\/\/newsycanuse.com\/index.php\/2023\/01\/08\/fallout-from-guardian-cyber-attack-to-last-at-least-a-month\/","title":{"rendered":"Fallout from Guardian cyber attack to last at least a month"},"content":{"rendered":"<div>\n<p><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/www.computerweekly.com\/visuals\/ComputerWeekly\/Hero Images\/Newspapers-print-publicaton-adobe_searchsitetablet_520X173.jpg\" data-credit=\"BillionPhotos.com - stock.adobe.\"  width=\"520\" height=\"173\" alt><\/p>\n<p>BillionPhotos.com &#8211; stock.adobe.<\/p>\n<\/p><\/div>\n<div id=\"content-header\">\n<h2>The Guardian newspaper\u2019s offices remained shut into the New Year following a supposed ransomware attack, with disruption likely to last some time<\/h2>\n<\/div>\n<div id=\"content-center\">\n<ul>\n<li><i data-icon=\"1\"><\/i><\/li>\n<li><i data-icon=\"2\"><\/i><\/li>\n<\/ul>\n<div id=\"contributors-block\">\n<p><img decoding=\"async\" src=\"https:\/\/cdn.ttgtmedia.com\/rms\/computerweekly\/Alex-Scroxton-CW-Contributor-2022.jpg\" alt=\"Alex Scroxton\">\n\t\t\t\t\t<\/p>\n<p><span>By<\/span><\/p>\n<ul>\n<li>\n\t\t\t\t\t<a href=\"https:\/\/www.techtarget.com\/contributor\/Alex-Scroxton\">Alex Scroxton,<\/a><br \/>\n\t\t\t\t\t\t<span>Security Editor<\/span>\n\t\t\t\t\t\t<\/li>\n<\/ul>\n<p>\n\tPublished: <span>05 Jan 2023 12:30<\/span>\n<\/p>\n<\/div>\n<section id=\"content-body\">\n<p>Staffers at the UK\u2019s <em>Guardian<\/em> newspaper have been informed that their offices will remain shut for at least a month, following the 20 December 2022 suspected <a href=\"https:\/\/www.techtarget.com\/searchsecurity\/definition\/ransomware\">ransomware attack<\/a> on the media organisation\u2019s systems.<\/p>\n<p>According to an internal notice <a href=\"https:\/\/pressgazette.co.uk\/publishers\/guardian-ransomware-attack\/\">seen by media sector publication <em>Press Gazette<\/em>,<\/a> Guardian Media Group (GMG) chief executive Anna Bateson said at the beginning of the week that journalists and other staff would have to continue to work from home.<\/p>\n<p>She said that a fortnight after the incident, a number of key systems still remain offline and are unavailable, and that this was a result of <a href=\"https:\/\/cyberplace.social\/@GossiTheDog\/109551895866149748\">the steps the organisation took to secure itself<\/a>.<\/p>\n<p>\u201cTo reduce strain on our networks and help the enterprise tech, ESD and other involved teams focus on the most essential fixes, everyone must work from home until at least Monday 23 January in the UK, US and Australia, unless you are specifically asked to work from our offices,\u201d said Bateson.<\/p>\n<p><a href=\"https:\/\/www.semafor.com\/article\/01\/03\/2023\/cyberattack-shutters-the-guardians-office-for-a-month\">Other reporting described a \u201ctotal nightmare\u201d<\/a>, with problems supposedly affecting print production, financial systems including payroll and expenses, and even the on-site canteen at GMG\u2019s London office.<\/p>\n<p>The incident is understood to have begun on the evening of Tuesday 20 December and. according to the <em>Guardian<\/em>, <a href=\"https:\/\/www.theguardian.com\/media\/2022\/dec\/21\/guardian-hit-by-serious-it-incident-believed-to-be-ransomware-attack\">which broke the news of the incident itself the following day<\/a>, affected unspecified parts of its infrastructure, although its online publishing systems were not affected, meaning the newspaper was able to continue to publish stories online.<\/p>\n<p>Two weeks on, confirmed details on the incident remain sparse and GMG has not made any further statements as to the precise nature of the incident, although its online subscriber help centre appears to have <a href=\"https:\/\/manage.theguardian.com\/help-centre\">acknowledged that it was indeed a ransomware attack<\/a>.<\/p>\n<p>Although it cannot be stated for certain that the attack on GMG was a targeted incident, what can be said with relative confidence is that media outlets are increasingly targeted by threat actors as such incidents can prove highly disruptive and are likely to resonate with a far wider audience.<\/p>\n<p>It can also be fairly said that reporting on major international incidents such as Russia\u2019s war on Ukraine may leave a title exposed to malicious actions by Russia-backed or aligned groups. Additionally, any publisher of titles that skew to the different ends of the political spectrum \u2013 in GMG\u2019s case, its titles lean to the liberal centre and left wings \u2013 may also find themselves the targets of politically motivated hacktivism.<\/p>\n<p>Dan Vasile, vice-president of strategic development at <a href=\"https:\/\/www.bluevoyant.com\/\">BlueVoyant<\/a>, and a former cyber security operator in the media sector, <a href=\"https:\/\/www.bluevoyant.com\/press-releases\/media-industry-cybersecurity-challenges\">conducted research into the security challenges that the media industry faces<\/a> in 2022.<\/p>\n<p>\u201cThe media industry is often targeted because of the influence it holds. Media companies get high-volume traffic and are trusted by their audience,\u201d Vasile told Computer Weekly in emailed comments.<\/p>\n<p>\u201cThis puts a target squarely on the backs of news organisations. The domino effect is in full force: <em><a href=\"https:\/\/therecord.media\/thomson-reuters-notifies-customers-of-exposed-server-with-unprotected-business-data\/\">Thomson Reuters<\/a>, <a href=\"https:\/\/techcrunch.com\/2022\/10\/27\/new-york-post-hacked-offensive-tweets\/\">The New York Post<\/a>, <a href=\"https:\/\/gizmodo.com\/fast-company-is-back-from-the-dead-after-being-hacked-1849623962\">Fast Company<\/a>, <\/em>and now <em>The Guardian<\/em>, among countless previously reported breaches.<\/p>\n<p>\u201cGenerally speaking, large media organisations have structured cyber security programs in place, but as companies\u2019 digital estates become well defended, malicious actors turn their attention to the supply chain, opening up a whole new attack surface,\u201d he said.<\/p>\n<p>The BlueVoyant research \u2013 which was published in August 2022 \u2013 said there were material security failings across the media sector\u2019s supplier ecosystem, compounding the issue.<\/p>\n<p>The incident at GMG also demonstrates a firmly established trend of executing large-scale cyber attacks around major holiday periods \u2013 <a href=\"https:\/\/www.techtarget.com\/searchsecurity\/news\/252503633\/Kaseya-ransomware-attacks-What-we-know-so-far\">the 2021 attack on Kaseya<\/a> that unfolded over the US 4 July holiday being an excellent example \u2013 with IT and security teams stretched thinly due to holiday cover, the chances of a successful attack can slightly increase.<\/p>\n<\/section>\n<section id=\"DigDeeperSplash\">\n<h4>\n\t\t\t<i data-icon=\"m\"><\/i>Read more on Data breach incident management and recovery<\/h4>\n<ul>\n<li><a id=\"DigDeeperItem-1\" href=\"https:\/\/www.techtarget.com\/searchsecurity\/news\/252528884\/Rackspace-Ransomware-attack-caused-by-zero-day-exploit\"><br \/>\n\t\t\t\t\t<img decoding=\"async\" src=\"https:\/\/cdn.ttgtmedia.com\/rms\/onlineimages\/ransom_g1264284948_01_searchsitetablet_520X173.jpg\" srcset=\"https:\/\/cdn.ttgtmedia.com\/rms\/onlineimages\/ransom_g1264284948_01_searchsitetablet_520X173.jpg 960w,https:\/\/cdn.ttgtmedia.com\/rms\/onlineimages\/ransom_g1264284948_01.jpg 1280w\" alt ><\/p>\n<h5>Rackspace: Ransomware attack caused by zero-day exploit<\/h5>\n<div>\n<p><img decoding=\"async\" src=\"https:\/\/cdn.ttgtmedia.com\/rms\/onlineImages\/culafi_alexander.jpg\" alt=\"AlexanderCulafi\">\n\t\t\t\t\t\t\t\t\t<\/p>\n<p><span>By: <span>Alexander\u00a0Culafi<\/span><\/span>\n\t\t\t\t\t\t\t<\/p>\n<\/div>\n<p>\t\t\t\t<\/a><\/li>\n<li><a id=\"DigDeeperItem-2\" href=\"https:\/\/www.techtarget.com\/searchsecurity\/feature\/Top-10-ransomware-targets-in-2021-and-beyond\"><br \/>\n\t\t\t\t\t<img decoding=\"async\" src=\"https:\/\/cdn.ttgtmedia.com\/rms\/onlineimages\/ransom_g943330284_searchsitetablet_520X173.jpg\" srcset=\"https:\/\/cdn.ttgtmedia.com\/rms\/onlineimages\/ransom_g943330284_searchsitetablet_520X173.jpg 960w,https:\/\/cdn.ttgtmedia.com\/rms\/onlineimages\/ransom_g943330284.jpg 1280w\" alt ><\/p>\n<h5>Top 14 ransomware targets in 2023 and beyond<\/h5>\n<div>\n<p><img decoding=\"async\" src=\"https:\/\/cdn.ttgtmedia.com\/rms\/onlineImages\/irei_alissa.jpg\" alt=\"AlissaIrei\">\n\t\t\t\t\t\t\t\t\t<\/p>\n<p><span>By: <span>Alissa\u00a0Irei<\/span><\/span>\n\t\t\t\t\t\t\t<\/p>\n<\/div>\n<p>\t\t\t\t<\/a><\/li>\n<li><a id=\"DigDeeperItem-3\" href=\"https:\/\/www.computerweekly.com\/news\/252528238\/Top-10-cyber-crime-stories-of-2022\"><br \/>\n\t\t\t\t\t<img decoding=\"async\" src=\"https:\/\/cdn.ttgtmedia.com\/visuals\/ComputerWeekly\/Hero Images\/Crime.Getty_searchsitetablet_520X173.jpg\" srcset=\"https:\/\/cdn.ttgtmedia.com\/visuals\/ComputerWeekly\/Hero%20Images\/Crime.Getty_searchsitetablet_520X173.jpg 960w,https:\/\/cdn.ttgtmedia.com\/visuals\/ComputerWeekly\/Hero%20Images\/Crime.Getty.jpg 1280w\" alt ><\/p>\n<h5>Top 10 cyber crime stories of 2022<\/h5>\n<div>\n<p><img decoding=\"async\" src=\"https:\/\/cdn.ttgtmedia.com\/rms\/computerweekly\/Alex-Scroxton-CW-Contributor-2022.jpg\" alt=\"AlexScroxton\">\n\t\t\t\t\t\t\t\t\t<\/p>\n<p><span>By: <span>Alex\u00a0Scroxton<\/span><\/span>\n\t\t\t\t\t\t\t<\/p>\n<\/div>\n<p>\t\t\t\t<\/a><\/li>\n<li><a id=\"DigDeeperItem-4\" href=\"https:\/\/www.techtarget.com\/searchsecurity\/news\/252528594\/Play-ransomware-actors-bypass-ProxyNotShell-mitigations\"><br \/>\n\t\t\t\t\t<img decoding=\"async\" src=\"https:\/\/cdn.ttgtmedia.com\/rms\/onlineimages\/ransom_g886701618_searchsitetablet_520X173.jpg\" srcset=\"https:\/\/cdn.ttgtmedia.com\/rms\/onlineimages\/ransom_g886701618_searchsitetablet_520X173.jpg 960w,https:\/\/cdn.ttgtmedia.com\/rms\/onlineimages\/ransom_g886701618.jpg 1280w\" alt ><\/p>\n<h5>Play ransomware actors bypass ProxyNotShell mitigations<\/h5>\n<div>\n<p><img decoding=\"async\" src=\"https:\/\/cdn.ttgtmedia.com\/rms\/onlineimages\/waldman_arielle.jpg\" alt=\"ArielleWaldman\">\n\t\t\t\t\t\t\t\t\t<\/p>\n<p><span>By: <span>Arielle\u00a0Waldman<\/span><\/span>\n\t\t\t\t\t\t\t<\/p>\n<\/div>\n<p>\t\t\t\t<\/a><\/li>\n<\/ul>\n<\/section>\n<\/div>\n<p><a href=\"https:\/\/www.computerweekly.com\/news\/252528896\/Fallout-from-Guardian-cyber-attack-to-last-at-least-a-month\" class=\"button purchase\" rel=\"nofollow noopener\" target=\"_blank\">Read More<\/a><br \/>\n Larisa Fetzer<\/p>\n","protected":false},"excerpt":{"rendered":"<p>BillionPhotos.com &#8211; stock.adobe. The Guardian newspaper\u2019s offices remained shut into the New Year following a supposed ransomware attack, with disruption likely to last some time By Alex Scroxton, Security Editor Published: 05 Jan 2023 12:30 Staffers at the UK\u2019s Guardian newspaper have been informed that their offices will remain shut for at least a month<\/p>\n","protected":false},"author":1,"featured_media":595316,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[23292,30090,46],"tags":[],"class_list":{"0":"post-595315","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-fallout","8":"category-guardian","9":"category-technology"},"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/newsycanuse.com\/index.php\/wp-json\/wp\/v2\/posts\/595315","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/newsycanuse.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/newsycanuse.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/newsycanuse.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/newsycanuse.com\/index.php\/wp-json\/wp\/v2\/comments?post=595315"}],"version-history":[{"count":0,"href":"https:\/\/newsycanuse.com\/index.php\/wp-json\/wp\/v2\/posts\/595315\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/newsycanuse.com\/index.php\/wp-json\/wp\/v2\/media\/595316"}],"wp:attachment":[{"href":"https:\/\/newsycanuse.com\/index.php\/wp-json\/wp\/v2\/media?parent=595315"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/newsycanuse.com\/index.php\/wp-json\/wp\/v2\/categories?post=595315"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/newsycanuse.com\/index.php\/wp-json\/wp\/v2\/tags?post=595315"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}