Fraud Management & Cybercrime , Ransomware

Guardian Newspaper Offices Still Empty After December Attack

Employees Asked to Continue Work From Home Through Jan. 23 After Ransomware Attack
Guardian Newspaper Offices Still Empty After December Attack
(Image: Bryantbob via Wikimedia Commons)

Britain's The Guardian newspaper has asked the majority of its workforce to continue working from home until Jan. 23 as the organization continues to recover from the December ransomware attack on its networks.

See Also: Live Webinar | Navigating the Difficulties of Patching OT

In an email sent on Monday, nearly two weeks after the attack, Guardian Media Group CEO Anna Bateson asked employees to continue to work from home to reduce demands on the organization's networks as it continues to restore affected systems. (see: Guardian Ransomware Attack May Presage Holiday Blitzkrieg).

The edict applies to employees at The Guardian's London headquarters, as well as staff in Australia and New York. Guardian Media Group is estimated to have a circulation of 105,000 and it is the seventh-most-read news site in the world.

The organization on Dec. 21 experienced a ransomware attack, in which hackers compromised the newspaper's IT infrastructure. Although the incident did not affect newspaper production or other operations, the organization asked employees to work from home as a precautionary measure.

"We have asked most staff to work from home for the next three weeks to allow our technical teams to focus on essential technical work," a spokesperson for The Guardian told Information Security Media Group on Wednesday. "The work to restore our systems fully is ongoing and will take some weeks."

Although details about the threat actors and ransom involved remain unclear, British cybersecurity expert Kevin Beaumont revealed in a Mastodon post that The Guardian attack appeared to have affected the publication's on-premises infrastructure.

"While The Guardian's cloud infrastructure remains online, he said, "it looks like the on-prem Windows infrastructure has bit the dust. The external network links are up, BGP looks fine, but they've taken the internal network offline entirely."


About the Author

Akshaya Asokan

Akshaya Asokan

Senior Correspondent, ISMG

Asokan is a U.K.-based senior correspondent for Information Security Media Group's global news desk. She previously worked with IDG and other publications, reporting on developments in technology, minority rights and education.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing govinfosecurity.com, you agree to our use of cookies.