No conspiracies, no delays: Nielsen, OzTam back to overnight ratings on Wednesday after cyber attack
Blackberry CMO Mark Wilson: “We’ve seen a huge rise in 'hack for hire' companies. So the hackers did not take a break. There was no Covid fatigue for them.
A day out from Nielsen pledging it will be back to its usual overnight TV ratings service, media agencies are split on whether it will happen. Some say it could be weeks, citing a similar global ransomware attack on WPP in 2017, while others remain "suspicious" as scenarios spread on what, why and how. But as of yesterday, Nielsen and TV networks are solid on an imminent return. "There's no conspiracy", says one network executive.
What you need to know:
- Last week a ransomware attack seized all ratings reports coming from data and research firms OzTAM and Nielsen.
- This has left agencies without overnight ratings for shows including Big Brother's finale and Australian Ninja Warrior's debut.
- All manner of scenarios are beginning to circulate the industry on the timing of the hack and whether the ratings service will recommence tomorrow
- Some buyers say if the ratings block continues for weeks, advertisers will start assessing TV spending - no audience measurement, no money.
- TV network execs now expect today's overnight audience reporting (July 28) to be released on Wednesday morning (July 29). Hacked data from the last week will also follow on Wednesday but there is no timetable yet
- This morning Nielsen updated Mi3 on the current status of proceedings:
"We can confirm that all data has been collected from 21 July up until current and we are now working through our final QC processes. We will commence release of the data from Wednesday, 29 July, as previously communicated. This release will start with the data from 21 July and move forwards from there. We will be advising clients as the data becomes available tomorrow."
-
Some agencies remain cautious and critical of the deadline, claiming it was more likely to stretch out over weeks.
- Others have compared it to the attack WPP suffered globally in 2017, which took weeks to manage and cost the holding group millions of dollars.
- According to some, ransomware attacks are usually an "affordable sum" but offer no guarantees that once the money is paid, access will be granted.
- There is also significant cost in rebuilding and safeguarding systems from repeat attacks, as well as recovering lost data.
- Agencies say clients have been understanding for the most part but tensions will mount should the delays continue past the expected resolution date.
Under attack
Australian audience measurement research firms OzTAM and Nielsen have come under attack from an unknown ransomware blitz that has caused a total delay in overnight TV ratings since mid last week.
Ransomware is a type of malware that threatens to publish the victim's data or perpetually block access to it unless a ransom is paid.
Occurring last week, the move has seen TV audience reporting halted, with figures for major tentpole shows such as Seven's Big Brother finale and Nine's Australian Ninja Warrior unavailable, along with a host of other new show launches and finales.
It's the timing of the cyber attack that has many agency buyers speculating and concerned. As the networks shift to second half programming, they say it's "suspicious" that a cyber attack has hit. But they're not yet sure what to be suspicious of.
Some told Mi3 the industry should be prepared for longer delays; others have compared it to the attack WPP suffered globally in 2017, which took weeks to manage and cost the holding group millions of dollars.
"I think it's highly unlikely that we'll have a resolution by Wednesday - I think [Nielsen] has just opted for that date because that's when we do post reporting," one buyer said.
Generally, businesses avoid paying ransom fees - paying doesn't guarantee access or that another attack won't happen. These types of attacks continue to grow in their use, while the ransom amounts varies.
Often the fee is relatively low and is made to be affordable to the target or business under siege. However the real cost comes from safeguarding up systems against further would-be attackers, while also recovering lost data.
In the case of WPP, which also impacted several Australian agencies at the time, staffers with infected computers were told it would cost $300 in Bitcoin to unlock their devices.
Former WPP global boss Martin Sorrell said there were incremental costs of about $10-15 million in 2018 and beyond to WPP.
Major international fitness and technology brand Garmin just became the latest victim of a suspected ransomware attack which targeted its Connect platform that hold users' workout data.
It is understood the attack took place on Wednesday and is also affecting its call centres, leaving the company unable to receive any calls, emails or online chats.
On the OzTam front, TV network executives say a resolution is imminent. "There's no conspiracy," one told Mi3.
Nielsen said in an updated statement today it was on track to have TV ratings data available by Wednesday, 29 July, and is working to get data available and released before that date.
"We can confirm that all data has been collected from 21 July up until current and we are now working through our final QC processes. We will commence release of the data from Wednesday, 29 July, as previously communicated. This release will start with the data from 21 July and move forwards from there. We will be advising clients as the data becomes available tomorrow."
Nielsen thanked its clients and the industry for their "patience and understanding" while the team works through this "unprecedented situation".
