Cyberattacks on news organizations are not a new thing for their huge readership bases, and their new victim is “The Guardian.” On December 20, 2022, the Guardian’s media editor was the first to report this cyber attack incident. The daily newspaper’s chief executive, Anna Bateson, and editor-in-chief, Katharine Viner, later confirmed the cyber attack and also said that their IT infrastructure has been severely hampered. This attack is speculated to be a ransomware attack, but the newspaper group is looking into all possibilities.
The online publication of the newspaper was not largely affected by this cyber attack. Even the incident of their own cyber security breach was published on The Guardian’s website. But “behind the scenes,” services were facing continuous disruptions, and most of the employees were said to adopt the work-from-home model for this week. Questions like whether any ransom demands have been made, how the system was compromised, or whether any data was stolen are coming to the forefront, yet the information about them is quite vague. But let us look into some key things, like what ransomware is, how it affects organizations, and how it can be tackled, to get a better understanding of this cyber attack.
What Is Ransomware?
Ransomware is a type of extortion software that prevents an organization or a user from accessing their system or personal files and demands a huge ransom in order to provide access to the desired files. The person or group committing this crime frequently dupes an organization or a user by failing to keep their end of the bargain in terms of providing access.
Different Types Of Ransomware
There are many variants of ransomware in the market. The most common among them are:
Screen Lockers: If, while starting up your computer, you find that all the files have become inaccessible and the system has frozen with a ransom demand on your lock screen and a countdown clock, then your system has become infected with screen locker ransomware.
Leakware Or Doxaware: This type of ransomware is used by hackers to threaten an organization or a person to leak their personal sensitive information into the public domain or sell them in the wrong hands which may hamper their reputation.
Scareware: Sometimes you will find pop-up messages claiming that your computer is infected with a virus and that you need to pay to resolve the issue. These are scareware ransomware programs that often scam individuals.
RaaS (Ransomware as a Service): In this, the hacker handles all aspects of the process, from corrupting the system to providing access, for a part of the ransom amount.
Encryption or crypto-ransomware: One of the most dangerous types of ransomware, it encrypts an organization’s or a person’s data and files, which can only be accessed with a decryption key.
Other Recent Cyber Attacks
In this year alone, there have been horrific cases of cybercrime in different sectors. Some of them are:
Fast Company Issue: On September 25, Fast Company, a monthly American magazine focusing on technology, was hacked, and obscene push notifications with a racist slur were sent to users who had subscribed to Apple News. The company’s website was restored after 8 days.
The New York Post Issue: On October 27, one of the biggest daily newspapers in New York, The New York Post’s website and Twitter account got hacked, and several sexually violent images and racist slurs were posted. They claimed that the incident was caused by a rogue employee.
The AIIMS Issue: On November 23, the AIIMS server was breached, and all the online activities of this prestigious institution came to halt. Investigations rubbished any sort of ransom amount in this event, which was claimed by the local news agencies, but a huge amount of data was lost due to this attack.
The Twitter Issue: On August 5, Twitter confirmed the security breach, in which data from 5.4 million accounts were stolen.
Ransomware Spread Methods
Hackers are always looking for a creative way to corrupt the systems of an organization. Some of the common methods are:
- A credible email containing a zip, pdf, doc, or image file is sent and contains malware. On opening it, the system gets corrupted immediately.
- Hackers use malware advertising to infect systems with ransomware. On clicking the advertisement, the software scans all the details and looks for vulnerable spots.
- Downloading pirated software can backfire, as it often contains preloaded malware.
- You can reach other computers via a network connection by using RDP (Remote Desktop Protocol). Network nodes are often attacked by ransomware.
Ransomware Protection Tips
There are some simple methods by which you can avoid becoming the next victim of a ransomware attack. The methods include:
- Do not open unidentified emails or links present in those emails.
- To protect a system from its vulnerabilities, always keep the programs, software, and applications updated.
- Create a backup and, while doing so, follow the 3-2-1 rule: create three backup files on two different devices and one in a separate location.
- Employees should be educated about cyber security culture to avoid mistakes while performing online tasks.
- Apply the principle of least privilege and segment your network for safety.
The true reason for the cyberattack on The Guardian is still unknown. But all organizations must implement and enforce appropriate cyber security measures to avoid falling into the hands of such hackers who exploit sensitive information for their own benefit.