Australia’s Nine Network has been the target of what may be the largest-scale cyber attack thus far on an Australian media company.
The Nine Network’s productions systems were hit early on Sunday morning, bringing it to a halt for over 24 hours and affecting live television, the 9news website and even publishing operations.
Nine programming Weekend Today Show, the Sunday sports program, and the Melbourne 5pm news were unable to air as engineers and IT specialists scrambled. The Australian Financial Review, the news outlet owned by Nine, said it also experienced disruptions.
“Our IT teams are working around the clock to fully restore our systems which have primarily affected our Broadcast and Corporate business units,” Nine Network said in a statement.
Repairs are now underway, although it may be weeks before the Nine Network’s systems are completely back to normal.
Who is behind the attack?
While there is still no official word on who is responsible for the attack, Australian Strategic Policy Institute director Fergus Hanson has told Nine that a “state actor” may be the culprit. Ransomware without a ransom, Hanson suggested, means that this could be the work of a foreign government.
“If you did get asked to pay a ransom, it might be a ransomware attack, in which case you would be looking at a cyber criminal … If you didn’t get asked to pay a ransom, you may be looking at other actors, including state actors,” Mr Hanson told Nine.
The network’s reporting on certain overseas governments is being looked at as potential cause for cyber-criminal targeting. Tonight, for example, it is airing an investigation into the poisoning of overseas dissidents – allegedly ordered by Russian President Vladimir Putin.
“That would be absolutely something you would be looking into. I think that type of reporting that rubs authoritarian leaders the wrong way can certainly motivate this type of attack,” Mr Hanson said.
The Australian Government has also been in the midst of an IT disturbance, although this is not being called an “attack.”
A number of Federal Parliament staff members were left unable to access emails throughout the weekend, the result of suspicious activity noticed by Department of Parliamentary Services (DPS) systems.
“The government is aware of an issue impacting the DPS IT system,” Assistant Minister for Defence Andrew Hastie said in a statement. “The issue relates to an external provider, and once the issue was detected the connection to government systems was cut immediately as a precaution.”
A source for ABC News said that a “hacker ‘tried so clumsily to compromise the DPS system in particular, that the system itself noticed and shut down, exactly like [it was] designed to do’.”
Businesses on high alert
Businesses are being urged to look through their cyber security processes and systems to ensure they are not left vulnerable.
Neil Pollock, CEO of cyber security company FirstWave Cloud Technology, said the attack on Nine Network highlights the need for “a national cybersecurity standard” to be implemented across all Australian businesses.
“This is because businesses that have their own cybersecurity protections in place are still far from secure if their external providers, partners, and customers are not taking the same precautions.
“We’re in an era where every business is part of a digital ecosystem, and a cyber attack in one corner of that ecosystem can quickly and significantly impact businesses in other corners. This incident highlights that businesses of all sizes and levels of technical sophistication can be targets of cybercrime. There needs to be a proactive approach from the top down, and across all aspects of the business, to cybersecurity training, technology, and capabilities.”
Ian Yip, CEO of cybersecurity software company Avertro, pointed out the huge costs these types of attacks can have on businesses. This Nine Network attack, he says, could end up costing the media giant “millions when combining the revenue impact with the post incident clean up.”
“Cybersecurity is often highlighted in the headlines as a matter of national security. While it may yet prove to be the case should the perpetrator be identified as a nation state, it has fallen to a broadcaster of headlines to clearly show via its own misfortune that cyber risk is a major business issue that has very real financial implications,” Mr Yip said.
“Every company executive, director, and business owner should be looking at their own organisation, determining the impact and potential revenue loss in the event of a cyber incident, and refining their strategy to prioritise and focus on reducing the risk and impact that a cyber attack could have on them.”