The UK's Guardian newspaper hit by ransomware attack

[theregister.com] 1 month ago

UK broadsheet media outlet The Guardian has become the victim of a ransomware attack which seems to have taken out a large chunk of office-based systems.

Journalists at the center-left newspaper have continued to work from home and publish on its website, but according to the publication's own output, it has been hit by "a serious IT incident, which is believed to be a ransomware attack."

It said the attack hit on Tuesday night and has affected parts of the company's technology infrastructure, with staff told to work from home. Some disruption has occurred to behind-the-scenes services, but the company said it was confident it could still produce Thursday's print newspaper.

We can only assume there would be tears in the quinoa if it did not.

The Guardian Media Group chief executive, Anna Bateson, and the editor-in-chief, Katharine Viner, told staff: "As everyone knows, there has been a serious incident which has affected our IT network and systems in the last 24 hours. We believe this to be a ransomware attack but are continuing to consider all possibilities. Our technology teams have been working to deal with all aspects of this incident, with the vast majority of our staff able to work from home as we did during the pandemic."

The Guardian – which has broken important UK stories including the phone-hacking scandal and the 1990s cash-for-questions affair – said news organizations around the world have been regular targets for cyberattacks both by criminals and nation states, although at this stage the company said it believed the incident was likely to be a ransomware attack.

A report [PDF] by the Financial Crimes Enforcement Network (FinCEN), part of the US Treasury, found that the impact of ransomware attacks – measured in Bank Secrecy Act filings – hit $1.2 billion 2021, up 188 percent compared with 2020.

"FinCEN's analysis of ransomware-related BSA filings for 2021 indicates that ransomware continues to pose a significant threat to US critical infrastructure sectors, businesses, and the public," it said. ®