In a Tweet posted on the 28 March 2021, 9News Australia announced that it was under attack by hackers. They were unsure if it was criminal sabotage or the work of a foreign nation - the source of the attack is still being investigated.
Nine's IT systems were offline overnight but were up in time for the Today Show to air this morning.
There is talk online of the attack being ransomware however, Nine has not received any demands as yet and therefore, the reason of the attack is unclear at this stage.
Nine is working with the Australian Cyber Security Centre in order to resolve the issue and at this stage, Vanessa Morley - Nine Entertainment's Director of People & Culture, has instructed all employees to work from home indefinitely, while they deal with the cyber attack.
The technology that brings you 9 News every night is under attack by hackers.— 9News Australia (@9NewsAUS) March 28, 2021
Whether it's criminal sabotage or the work of a foreign nation is still being investigated, but this attack could reveal a nationwide vulnerability. @MarkWBurrows #9News pic.twitter.com/YL8l1DLNVV
Treasurer Josh Frydenberg said the threat is 'very real'.
"We are as a government investing record amounts of money in ensuring that not only government systems are equipped to deal with this cyber threat but that we're working with the business community and the private sector more generally to ensure that their systems are best in class. Because this threat is not going away," he told Today.
"Whether it's other governments or whether it's criminal organisations, cyber security is the new battle front. It's the new front line. It's where there is a war every single day."
The Potential Cyber Attack in Canberra
Meanwhile, The Australian Parliament is also investigating a potential cyber attack in Canberra on Sunday night, which is affecting government issued smart phones and tablets.
The department of parliamentary services (DPS) email network was shut down over the weekend due to an IT system issue.
Assistant Defence Minister Andrew Hastie said the fault was linked to an external provider, with the connection to government systems severed immediately as a precaution.
“DPS is working to resolve the issues and some services have been restored, some services on DPS issued smartphones and tablets have been experiencing disruptions over the weekend.”
“The government acted quickly, and we have the best minds in the world working to ensure Australia remains the most secure place to operate online,”
Mr Hastie said the situation served as a "timely reminder" for Australians not to be complacent on cybersecurity.
"Cybersecurity is a team effort and a shared responsibility," he said.
"It is vital that Australian businesses and organisations are alert to this threat and take the necessary steps to ensure our digital sovereignty."
Protecting Critical Infrastructure Bill
There is a new bill being discussed in parliament at the moment that could see a base level of cyber security measures enforced for all Australian entities classed as providing 'critical infrastructure' to Australians.
The details of what will be required and who will be affected are under design at this stage.
What is a Cyber Breach?
It is considered a cyber breach when part of your business is accessed unlawfully. This could be an ex employee logging in, or a hacker gaining access to your systems.
If you have cyber breach you may be legally required to notify the Australian government. Failure to notify can result in fines of $360,000 for individuals and $1.8million for businesses.
It's important to have the right measures in place to identify if you have had a breach, and if you do, what steps to follow to notify the right parties.
We recommend creating an Incident Response Plan for your business, your company lawyer, IT support team and leadership teams should be involved in the developing the plan. Once it is created we recommend doing a practice run so in the event that you do have a breach, you are well prepared to invoke your plan.
Check out our free template to get started.
How Can I Protect Myself?
For individuals there are a lot of things you can do that don't require a lot of investment. Most computers today come with the ability to encrypt, check out our guide on how to set up encryption. Choose an anti virus platform that is right for you, and has extra features, checkout our guide to buying the right antivirus.
Besides the technology read through the government's little black book of scams to get familiar with what a scam email or website could look like. Your best defense is arming yourself with the knowledge on how to identify something malicious.
How Can I Protect My Business?
Education and proactive prevention are key. Ransomware commonly enters a business through malicious emails so, having an email filtering and ‘containerisation’ platform in place is step one.
Ensuring you are in compliance with the Australian Government's ASD Essential 8 security recommendations is your first step. We have a cybersecurity team that was built with the ASD Essential 8 principles at it's core and would love to secure your business.
Technology is advancing all the time and there are some relatively inexpensive and 'quick wins' you can implement to be protected:
- Audit and create a list of all your business applications, and their security features (you can use this template to get the job done)
- Foster a cybersecurity culture in your business
- Turn on encryption for all of your computers
- Educate your team on how to identify a scam
- Follow these 5 steps to stay safe online
- Check out this post on keeping your remote workforce safe
- Talk to us about dark web scanning
- Check your insurance to see if you have cybersecurity insurance included
Cybersecurity is talked about a lot today, and for a good reason. It can be really easy to fall victim to a cyberattack, it's not just big companies that are targeted. Your best defense is education and awareness, with technology as your backup, knowing how to identify something malicious is the best way to keep you and your business safe online.
Our cybersecurity team across Melbourne, Sydney and Brisbane can help you assess whether you have the right measures in place, and what else you can do to stay safe online, get in touch to learn more.