The news outlet’s parent company, Guardian Media Group, has instructed staff to work from home this week and to avoid using shared networks until computer systems have been cleared. Although parts of its IT infrastructure were seriously compromised in the cyberattack late Tuesday night, Guardian Media Group said the paper’s print version is still expected to make newspaper stands and shops on Thursday. The Guardian said that the publication’s online apps and global websites continue to run largely unaffected.
IT Infrastructure Affected, Staff Working from Home
The cyber incident was first reported by The Guardian Media Group’s chief executive Anna Bateson and the editor-in-chief, Katharine Viner, who told staff to work from home. “As everyone knows, there has been a serious incident which has affected our IT network and systems in the last 24 hours,” Bateson and Viner told staff. “We believe this to be a ransomware attack but are continuing to consider all possibilities.” The Guardian said IT infrastructure had been partially affected together with “some disruption to behind-the-scenes” services. No other details have been given about the incident. The attack allegedly knocked out WiFi access in buildings and disconnected shared services such as corporate communications and financial systems, The Financial Times said on Wednesday. Ransomware cybercrime can catch any industry by surprise and was considered this year’s top cyber concern by insurance giant Allianz. Usually, cybercriminals will lock up sensitive files belonging to an organization and threaten to release them unless their ransom demands are met publicly. Stolen data is also often posted and sold on the dark web. However, fewer organizations are now complying with ransomware threats.
Ransomware Has Been Around Since 1989
Ransomware has been a growing problem since 1989, when the internet was more of a proposal and not even public. Two years later, on Aug. 6, 1991, Tim Berners-Lee — widely accepted as the inventor of the World Wide Web — published the first-ever website. The first ransomware event more than three decades ago — dubbed the AIDS Trojan — resulted in a $189 ransom. While the malware was delivered at a conference via floppy disk, modern ransomware is most often injected by clicking malicious links and costs organizations worldwide billions of dollars every year. Cyberattacks on publishing companies, though, are uncommon. Ransomware actors usually look to exploit critical sectors like the medical industry and multi-billion dollar industries like the energy sector where they believe they can make quick monetary gains. In 2021, ransomware attacks hit 14 out of 16 U.S. critical infrastructure sectors. However, organizations like No More Ransom are now providing ransomware victims free decryption tools to thwart the cyber attacks and are suggesting victims stop paying cybercriminals altogether. Although ransomware attacks should not be taken lightly, cybercriminals do not always follow through with their threats — which end up being more of a bluff. One example is when the notorious ransomware gang LockBit failed to release sensitive files allegedly taken from major consulting firm Accenture in 2021 when their ransomware timer ran out. Discover all there is to know about this form of malware and how to protect yourself from it in our ransomware overview guide.
