The Guardian ransomware attack hits week two as staff told to work from home Long-standing British newspaper The Guardian has told staff to continue working from home and notified the UK's data privacy watchdog about the security breach following a suspected ransomware attack before Christmas. The publication broke the news about the "serious IT incident" on its systems on December 21, and said the …
"We have been able to keep publishing our journalism..."
..and all of your clients' email services are restored, along with legacy data? Oh! Wait, you don't do that! Could you spare some time for a little outfit in San Antonio? I'm sure they have the space, and you could rack up some column inches too!
It was probably the Russians in retaliation for outing Sergei Roldugin the Cellist who holds and looks after Putin’s embezzled money for him. Or the two largest Five Eyes countries for the Snowden leaks etc. They do seem to have made quite a few enemies with their fearless and often misspelled investigative reporting.
So the guardian are enduring a cyberattack but on the outside it’s business as usual.
For a tech rag we should be seeing detail on how they’ve done that.
I assume they are cloud heavy, but what about all that confidential whistleblowing documentation they hopefully have securely stored?
Is that data safe?
Are whistle blowers past and future safe against hackers or nation states who want to reveal their identities?
Glad its not affected output as I rely on them for quality articles like this
'Upward-thrusting buildings ejaculating into the sky' – do cities have to be so sexist?"
https://www.theguardian.com/artanddesign/2020/jul/06/upward-thrusting-buildings-ejaculating-cities-sexist-leslie-kern-phallic-feminist-city-toxic-masculinity
So you had to go back two and a half years and into the obscure "art and design" section for a piece by a non-staff non-journalist to find something to fit your prejudices? Pretty desperate.
By the standards of these things the Graun is one of the better general news sources, but far from perfect. See this for a recent example of stick-extremity confusion: https://www.theguardian.com/commentisfree/2022/nov/09/twitter-mastodon-parler-elon-musk
-A.
I am going to assume email phishing because that seems to be the most popular. Most email clients fail at showing the from address and instead just show display name, this has always bothered me.
Masquerading as an existing employee is relatively simple, because people just see the display name.
The “this email is external source” pre header warning some companies might deploy isn’t something that happens automatically, someone has to set that up.
OK. Who's job was it to guard the Guardian?
Yes, yes, rather more than fashionably late to the party.
"We have been able to keep publishing our journalism digitally and in print, but a number of key IT systems have been affected."
So the finance (sub-)system is down? What else should a newspaper* need?
*showing my age here.
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2023
