Nine ‘isolates’ cyber attacker but warns restoration of services will ‘take time’
Nine Entertainment has warned it will ‘take time’ before its systems are up and running as Sunday’s cyber attack continues to cause operational chaos.
But in an update to staff, the media giant said it was confident it has ‘isolated the attacker and the destructive activity that was initiated’.
The business is now in a state of containment, according to chief information and technology officer Damian Cronan, with Nine focused on recovering its on-air, print, revenue-driven services and ‘other critical business services’.
Cronan, who described the attack as ‘significant, sophisticated and complex’, explained that the containment strategy has meant disconnecting its corporate network from the Internet.
“This has been an effective strategy. However, it also means several services that are dependent on the corporate network are not available,” Cronan said. “This will have a significant impact on business-as-usual processes across the organisation. We will be carefully assessing how we bring back controlled levels of connectivity into the network with an emphasis on service restoration and I want to be clear it will take time before all our systems are back up and running.”
Nine chief executive Mike Sneesby said a cross-business working group will focus on restoring key services, but warned staff they face on-going disruption with some tasks unable to be carried out.
He also praised the rapid reaction of its tech team that enabled the continuation of live broadcasts and which ‘minimised impacts to our broader business’.
“Over the last 48 hours I’ve seen countless cases of leadership, ingenuity and resilience as we pivoted quickly in key areas of our business to operate around current limitations,” Sneesby said.
He added that while the cyber attack was significant in scale – 9News described it ‘the largest cyber attack on a media company in Australia’s history’ – the internal response has allowed the company to ‘manage the clean-up in a structured way’.
The Australian Financial Review (AFR) announced last night that it has made all articles available to read without logging in as a result of the cyber attack.
