The British news organization The Guardian announced on Wednesday that a ransomware attack has disrupted its back-end operations.
After the ransomware attack on Tuesday night, the 200-year-old media company instructed employees to work from home. The Guardian shut down a portion of its technological infrastructure, with the print edition of the newspaper suffering the most.
“As everyone is aware, a serious incident has impacted our IT network and systems over the past twenty-four hours. We believe this is a ransomware attack, but are examining all possibilities,” Guardian Media Group officials stated on Wednesday.
According to the company, online publishing is unaffected, but the disruption to some internal systems may affect the print edition of the newspaper on Thursday.
Even though some of our internal systems are down, we are confident that we will be able to publish in print tomorrow, the Guardian reported.
The company has asked employees to work from home for the remainder of the week while restoration operations are underway but has not provided an estimate for when systems will be fully restored.
The Guardian has not disclosed any details regarding a potential ransom demand or the ransomware family used in the attack.
According to reports, the incident disrupted Wi-Fi access at the company’s headquarters and affected other shared computer systems as well, forcing office employees to work on mobile devices.
According to security researcher Kevin Beaumont, the impact of the incident may have been greater than the company claimed, with the company’s entire internal network being shut down.
“The Guardian outage appears to be quite severe; everything in ASN 35825 is offline; they had various on-premises systems, VPNs, and FTP servers that have vanished,” Beaumont stated.
“The external network links are active, and BGP appears to be functioning properly, but they’ve completely disabled the internal network,” the researcher added.
We have emailed the Guardian inquiring about the incident’s status.
UPDATE: A Guardian representative stated to us:
“There has been a significant incident affecting our IT network and systems. We believe this is a ransomware attack, but are still investigating all possibilities.
We continue to publish globally on our website and apps, and even though some of our internal systems are down, we expect to continue publishing in print. The vast majority of our employees can work remotely, as was the case during the pandemic, as our technology teams are working to address all aspects of this incident.
We will continue to inform our employees and anyone else affected.”