Nine takedown: Remote and home work the new hackers paradise
In an overnight update, Nine’s CEO Mike Sneesby and CTO Damian Cronan asked staff to take specific measures to ensure remote working was secure. Three weeks ago the CMO of handset-turned-cyber security firm Blackberry told Mi3 remote working had turned Covid into a booming hacker and corporate espionage paradise – and a growth trigger for Blackberry’s reinvented business. There’s only one certainty, says Mark Wilson: who is next?
What you need to know:
- Nine overnight said it had contained a "sophisticated and complex" cyber attack.
- Its corporate network, however, had been disconnected from the internet and all internal networks such as broadcast, publishing and individual state operations had been unplugged from each other.
- Nine CEO Mike Sneesby highlighted the importance to staff of a note from Nine CTO Damian Cronin to "read and follow instructions...regarding diagnostics and remote working".
- Blackberry CMO Mark Wilson said Covid-induced remote working had spawned a booming “hacking as a service” industry in the past year.
- Corporate espionage was growing across industries beyond “the usual suspects” including gaming and healthcare, he said.
- Nine's attack follows a similar raid on the TV industry ratings service, OzTam, in July last year.
We’ve seen a huge rise in 'hack for hire' companies; for profit companies that people engage to hack other companies. So the hackers did not take a break. There was no Covid fatigue for them. They went out hard for different audiences.
Nine CEO Mike Sneesby asked staff in an update late yesterday to “read and follow instructions” at the end of an accompanying note from his CTO Damian Cronan “regarding diagnostics and remote working”, as a number of Nine’s core systems remained offline.
Cronin made it clear Nine had contained the “sophisticated and complex” cyber raid “and we are confident our technology teams have isolated the attacker and the specific destructive activity”. But Nine’s countermeasures meant its corporate network had been disconnected from the internet and all Nine’s internal networks such as broadcast, publishing and individual state operations had been disconnected from each other.
After an earlier hack which brought down the TV industry’s ratings service, OzTAM, in July last year, it was precisely Nine’s scenario that Blackberry’s CMO Mark Wilson warned of three weeks ago in Mi3.
Covid-induced remote working had spawned a booming “hacking as a service” industry for old hands and was behind a surge in hacker aspirants through 2020.
Hacking as a service
Although it remains speculation whether other nation states, opportunist hackers or corporate espionage was behind Nine’s attack, Wilson said companies engaging “hack-for-hire” to disrupt rivals and gather IP is becoming “more pervasive”.
“We’ve seen a huge rise in 'hack for hire' companies; for profit companies that people engage to hack other companies,” said Wilson. “So the hackers did not take a break. There was no Covid fatigue for them. They went out hard for different audiences.
“You can now be in hacking as a service – and you don't even need to be an expert in hacking. If you want to get into the business of extorting other people and ransomwaring other people, there's a website for that. You can create your own company and you can then basically outsource the whole hacking-as-a-service business. It’s crazy, but anybody can get into this business.”
Wilson said corporate espionage was growing across industries beyond “the usual suspects” including gaming and healthcare.
“One classic is healthcare,” he said. “They'll go after healthcare because healthcare is not these monolithic, large multinational companies. It can be more local organisations. They may not have the same security infrastructure that a Citibank has or Goldman Sachs has. So they can go after them…
“You may not think gaming would be a target, but it's an industry where there are technology and trade secrets – and people want them. It’s becoming more pervasive, and now more industries are being targeted than the usual suspects.”
The business and marketing industries are bracing for the impending storm brought about by Apple’s changing IDFAs (Identifier for Advertisers) and Google’s departing cookies, but location advertising is far from over Emma-Jayne Owens writes. Consent popups will be the gatekeepers of permission and brands and publishers will need to prove their value to land an ‘accept ’. It’s a good thing, but there is a big education job to do around this to help consumers understand their options. Here’s the why and how.
It may not feature in a marketer’s conventional media planning ‘matrix’ but the evidence is compelling around real ‘fans’ of TV formats showing major increases versus ‘viewers’ for ad attention and recall. Fans deliberately interact with content outside of viewing hours and – well, simply – as fans, they’re in the right mood. 10 ViacomCBS’s Michael Stanford lays it all out.