Cyber attack takes Channel Nine off-air in Australia
Australia's Channel Nine was taken off-air during a live broadcast from its Sydney broadcasting facility. Their IT systems were taken offline that disrupted their live broadcasts. It is understood that a ransomware attack was detected and that the IT team had been working to bring back the live broadcasts as fast as they could.
A live morning programme, the NRL Sunday footy show, was being broadcast at the time and was taken off-air and had to be replaced with the Melbourne edition, transmitted from Melbourne's studio, that had not been affected by a cyber attack. The fully automated Sydney Channel Nine facility had lead to the cyber attack and Melbourne's IT system, which wasn't automated, was unaffected. No live broadcasts could take place until the cyber attack on the Sydney studio could be brought under control.
It is understood that this attack could be the work of foreign threat actors and that Channel Nine were seeking the assistance of the Australian Signals Directorate and the Australian Cyber Security Centre to look at this recent attack on their fully automated IT system.
VMware's principal cyber security strategist in the security business unit, Rick McElroy said the the attack on Channel Nine highlighted the growing threat from ransomware attacks.
“Not only are ransomware attacks getting increasingly sophisticated, the nature of ransomware attacks has also evolved to the point where organisations are experiencing the full brunt, damage and impact firsthand.
“Attackers will continue to take advantage of opportunities, leveraging the most efficient means to profit from an intrusion, often including redundancy planning in more recent intrusions. Ransomware-as-a-service has risen in popularity, providing cyber criminals with the necessary tools to carry out these types of attacks.
“Compounding these risks is the adage of affiliate programs for ransomware groups, providing new and unique ways for malware operators to have others deploy their payloads for a cut of the eventual profits,” VMWare's Rick McElroy said.
It seems that fully automated IT systems, such as those used by Channel Nine in their Sydney studio, need to be constantly monitored for any cyber attack risk and that being a live broadcaster, any disruption to their live broadcasting will be obvious to any viewer watching. As these sorts of ransomware attacks are now on the rise globally, broadcasters such as Channel Nine, need to protect their IT systems, otherwise their viewers will be looking at blank screens.