The Guardian newspaper offices close after ransomware attack

A leading British newspaper hit by a suspected ransomware attack last month told workers it will keep its offices closed for another three weeks, according to a published report.

The Guardian — which is headquartered in London and has offices in New York and Australia — has had staff work remotely since the publisher’s global IT systems was hacked Dec. 20.

Guardian Media Group Chief Executive Officer Anna Bateson circulated a note Monday, saying that all staff must continue to work from home, according to the Press Gazette.

“This is a further update on the serious disruption to our network and IT systems that began before Christmas,” Bateson wrote. “As a result of the steps we took to secure our network, a number of key systems have been taken offline and remain unavailable.”

The CEO said all offices will be closed until at least Jan. 23 in order to “reduce the strain” on the company’s networks as it fixes the problem.

The Guardian did not respond to requests on further information on the attack.

Ransomware attacks usually involve hackers gaining access to the company’s computer system and then installing software that encrypts every document and file which can be found, turning it into a secret code. Hackers then demand payment, often in Bitcoin, in exchange of am encryption key that restores the files.

When the incident was first announced by The Guardian on Dec. 21, Bateson and editor in chief Katherine Viner told staff: “As everyone knows, there has been a serious incident which has affected our IT network and systems in the last 24 hours. We believe this to be a ransomware attack but are continuing to consider all possibilities.”

They said The Guardian would continue to publish globally, adding that the attack likely took out internal wifi systems. The paper has a circulation of more than 100,000 and operates a website.

New York Post-parent News Corp. was a target of an online attack last February.

“We appear to have been the target of persistent nation-state attack activity that affected a limited number of our employees,” News Corp chief technology officer David Kline and chief information security officer Billy O’Brien wrote in an email to employees. “Mandiant [a cyber tech firm hired to investigate] assesses that those behind this activity have a China nexus and believes they are likely involved in espionage activities to collect intelligence to benefit China’s interests.”

“We will not tolerate attacks on our journalism, nor will we be deterred from our reporting, which provides readers everywhere with the news that matters,” Kline and O’Brien wrote.