Possibly the largest cyber attack on a media company in Australia’s history
Nine Entertainment’s broadcast and corporate business units were disrupted by a “cyber attack” early on Sunday morning, with the effects still being felt.
A “state actor” is the likely culprit behind the crippling cyber attack on the Nine Network, one geopolitical security expert has already said.
The Network is at the centre of possibly the largest cyber attack on a media company in Australia’s history, which brought network’s news production systems around the country to a grinding halt for more than 24 hours.
Major Australian law firm Allens, the Reserve Bank of New Zealand and the Australian Securities and Investment Commission are among other companies to be hit by the attacks, which are part of a spate of new threat activity.
Fergus Hanson, of the Australian Strategic Policy Institute, told the Network’s Today show that the fact ransomware was used but no ransom demanded pointed to a government behind the incident.
The company, which operates free-to-air stations such as Channel 9, confirmed the attack on Sunday evening, after earlier refusing to confirm or deny it had been hit.
The attack has taken down computer systems at Nine Sydney, which is located in North Sydney.
Reuters earlier reported that the company was trying to get its 6pm news bulletin done in Melbourne using a server that had not been compromised.
Earlier live broadcasts from Sydney were cancelled through the morning and replaced with either pre-recorded or interstate content, something unprecedented in recent memory.
Nine said its email systems did not appear to be impacted by the attack.
The Sydney Morning Herald, which is owned by Nine, reported the infection as “some kind of ransomware” attack, albeit using a malware strain or method not previously seen in Australia.
The infection is believed to be ransomware and impacted several thousand machines.
As at the time of this article, no group has claimed responsibility nor posted a ransom demand.
Investigators from the Australian Cyber Security Centre have been called in to investigate further and assist with the company’s recovery efforts.
A tweet by the Nine News twitter channel indicated that the company was also suspicious of potential state-actor intervention, making it the latest intriguing chapter in state-based threat actors’ activities in Australia.