Ransomware Disruption at The Guardian to Last at Least a Month

Written by

A ransomware attack on one of the world’s oldest international newspapers at the end of 2022 will continue to cause operational issues for several more weeks, according to a new report.

Threat actors struck The Guardian on December 20, forcing the London-based newspaper’s owner, the Guardian Media Group, to order staff to work from home.

However, a new internal note from the group’s CEO, Anna Bateson, sent at the start of the new year, warned of more disruption to come, according to the Press Gazette.

“This is a further update on the serious disruption to our network and IT systems that began before Christmas. As a result of the steps we took to secure our network, a number of key systems have been taken offline and remain unavailable,” it reportedly explained.

“To reduce strain on our networks and help the enterprise tech, ESD and other involved teams focus on the most essential fixes, everyone must work from home until at least Monday January 23 in the UK, US and Australia, unless you are specifically asked to work from our offices.”

That will make it around a month after the attack first struck that staff including journalists will have been forced to work remotely.

However, that may be the least of the media group’s challenges as it deals with the fallout of the attack. In fact, staff have recent experience of working from home for extended periods during the pandemic and the paper continues to publish globally in print and to its website and apps.

It’s unclear what internal systems are impacted and if the threat actors were able to steal any data before being discovered. The report noted that Wi-Fi systems at the groups’ headquarters were knocked out, while it appears as if customer service phone lines are also affected.

So far, no threat group has claimed responsibility for the attack or posted data to a leak site.

Editorial credit icon image: Stanislau Palaukou / Shutterstock.com

What’s hot on Infosecurity Magazine?