Australia Channel 9 News Ransomware Attack

In March, Channel 9 News, a major broadcaster in Australia, fell victim to a ransomware attack that significantly disrupted their ability to broadcast. This cyber attack demonstrated the potential of ransomware to hinder essential services.

Affected vertical: Media and Entertainment, specifically broadcast news.

MITRE Tactics:

  • Initial Access (TA0001): The adversaries likely gained access to the network through phishing, exploitation of public-facing applications, or other means.
  • Execution (TA0002): The ransomware was executed on the Channel 9 servers, encrypting critical files and disrupting operations.
  • Persistence (TA0003): The ransomware ensured its continued presence on the infected system.
  • Privilege Escalation (TA0004): The ransomware likely exploited vulnerabilities to gain high-level privileges.
  • Impact (TA0040): The immediate and tangible impact of the attack was the disruption of Channel 9’s broadcasting abilities.

Further Reading: