The Desk appreciates the support of readers who purchase products or services through links on our website. Learn more...

Nine Network, major Australian broadcaster, hit with massive cyberattack

The attack, which may have originated from Russia or North Korea, knocked Nine Network off the air over the weekend.

The attack, which may have originated from Russia or North Korea, knocked Nine Network off the air over the weekend.

An Australian television network has requested technical and investigatory assistance from the country’s federal government after the media company was afflicted by a massive cyberattack over the weekend.

The attack forced the Nine Network to suspend its morning news program and brought news production to a halt for more than 24 hours, according to a report on the broadcaster’s website.

The network typically broadcasts its news and other programming out of Sydney, Australia’s most-populated city, but it was forced to shift production to Melbourne and Canberra while the company’s technology teams worked to contain the attack.

It took technology specialists at Nine Network more than two days to contain and isolate the attack in a way that would allow them to bring their systems back online.

“Our focus in the first 24 hours was on containment, and we are confident our technology teams have isolated the attacker and the specific destructive activity that was initiated,” Damian Cronan, Nine Network’s chief technologist, said in a statement.

The attack was unusual in that it appeared to employ ransomware — a computer virus that holds a system and its files hostage until the owner of the device or network makes a payment to the attacker — but the attackers never demanded a ransom.

A cybersecurity expert who spoke with the television network said that the lack of ransom indicated the attack may have been directed by or originated from a foreign state, possibly Russia or North Korea.

“If you didn’t get asked to pay a ransom, you may be looking at other actors, including state actors,” security expert Fergus Hanson told a reporter with Nine Network’s breakfast news program “Today.”

Adding fuel to that speculation is Nine Network’s recent airing of news segments that were highly critical of foreign leaders. Among the segments was an in-depth piece on North Korean leader Kim Jong-un that aired on “60 Minutes,” an Australian franchise of the American news magazine program; before that segment aired, a news anchor described North Korea as a “petulant child” that “throws tantrums” when “it doesn’t get its way.”

The Nine Network is the highest-rated commercial television network in Australia. It competes against Network 10, which is owned by American media company ViacomCBS, as well as Seven Network and the non-commercial, government-funded Australian Broadcasting Corporation (ABC).

Michael Sneesby, the chief executive of Nine Network’s parent company Nine Entertainment Company, said the attack was “significant in scale, with high potential to disrupt our business.” And while some broadcast systems have been largely restored, the attack continues to cause problems within other parts of the company, including Nine Entertainment Company’s print and digital properties.

While technology experts continue to deal with the attack against Nine Network, members of Australia’s federal government are dealing with a separate attack of their own — one that appears to have compromise smartphones and tablets that had been issued to the country’s parliament workers.

A spokesperson for Australia’s Department of Parliamentary Services (DPS) said it was working to investigate the root of that attack.

“Some services on DPS-issued smartphones and tablets have been experiencing disruption over the weekend,” the spokesperson said. “DPS is working to resolve the issues, and some services have been restored.”

Andrew Hastie, Australia’s assistant minister for defense, said government officials were quick to recognize the cyberattack and act in its wake.

“The government acted quickly, and we have the best minds in the world working to ensure Australia remains the most secure place to operate online,” he said.

It was not clear as of Monday if the attack against the Australian government was related to the one against the Nine Network, nor was it known if government officials had agreed to investigate the attack against the broadcaster.

Photo of author

About the Author:

Matthew Keys

Matthew Keys is the publisher of The Desk and reports on the business and policy matters involving the broadcast television, streaming video and radio industries. He previously worked for Thomson Reuters, Disney-ABC, Tribune Broadcasting and McNaughton Newspapers. Matthew is based in Northern California, has won numerous awards in the field of journalism, and is a member of IRE (Investigative Reporters and Editors).