However, iTWire understands that the mess caused by the network attack is still being cleaned up and there is no assurance that all programming on Channel Nine will proceed as usual on Monday.
Ransomware is being rebranded cyber attack by victims. I don’t have an informed opinion as to if that’s a good or bad thing, but it’s definitely a pattern. https://t.co/UGlnbeFoc4— Kevin Beaumont (@GossiTheDog) March 24, 2021
One of the company's main newspaper websites, The Age Online, appeared to be only partially updated this morning, judging by the stories that were online on Sunday evening.
The company said it had no update to offer about the attack this morning. Media reports indicate that Nine has not received any request for a ransom.
Well-known British security researcher Kevin Beaumont tweeted a few days back that ransomware attacks were increasingly being described as "cyber attacks".
lol turning a cyberattack on your own tv station into a breaking news story is the most meta move ever— aidswidjaja (@adrianpenguin1) March 28, 2021
Some media reports have drawn what appears to be a long bow, linking the attack to Nine's scheduling a program about Russia's use of chemical poisons to kill its enemies abroad, as part of its new Under Investigation series.
Didn't pay their iinet bill.— Aussie_xrp. (@Aussie90107270) March 28, 2021
Presented by veteran Liz Hayes, the program is scheduled to go to air on Monday night. It has already looked at China's role in COVID-19.
Reports also say that the Australian Cyber Security Centre has been asked for help in tackling the aftermath of the attack.
Channel 7 ?— Pete McCormack (@PMc108) March 28, 2021
Commenting on the attack, Rick McElroy, principal cyber security strategist, VMware Security Business Unit, said: "Attackers will continue to take advantage of opportunities, leveraging the most efficient means to profit from an intrusion, often including redundancy planning in more recent intrusions.
"Ransomware-as-a-service has risen in popularity providing cyber criminals with the necessary tools to carry out these types of attacks.
The prevailing theory is a disgruntled employee, unhappy over recent contract negotiations. Police reportedly have few leads, but sources confirm screens throughout Channel 9 read 'MoRE hONEY!" pic.twitter.com/fbghtguebN— David Scott Aubrey (@davidakaclean) March 28, 2021
"Compounding these risks is the adage of affiliate programs for ransomware groups, providing new and unique ways for malware operators to have others deploy their payloads for a cut of the eventual profits.
"We’re also seeing a lot of secondary extortion, in which cyber criminals look to profit twice from an attack, forcing organisations to not only pay to decrypt data but also prevent sensitive data from being sold or released publicly.
"Organisations should invest in workload security micro-segmentation, as well as identity and access solutions that are built into their cloud stacks, rather than bolted on after the fact.
"There are a lot of solutions that are deployed into cloud environments but weren’t built with cloud threats in mind. Organisations should look to technologies that intrinsically deliver security as part of the solution.
"If organisations don’t have the expertise in cloud security, they should look to partner with a vendor or managed service provider who can deliver those services effectively.”