Guardian newspaper hit by suspected ransomware attack, staff told not to come to office
The Guardian's headquarters in London. Image: Wikimedia Commons
Alexander Martin December 21, 2022

Guardian newspaper hit by suspected ransomware attack, staff told not to come to office

Alexander Martin

December 21, 2022

Guardian newspaper hit by suspected ransomware attack, staff told not to come to office

Staff at The Guardian newspaper have been told not to come into the office and to work from home for the rest of the week due to a suspected ransomware attack which struck late on Tuesday.

The attack has impacted a number of business services at the 200-year-old news organization, but not its online site and apps which will continue to publish stories.

An email sent to The Guardian’s employees on Wednesday and seen by The Record tells staff: “The issues affecting Kings Place, the VPN, and the wires are ongoing, and our IT and engineering teams are working to resolve them.”

It is not yet clear what if any data the attackers may have accessed or stolen, but the sensitive information held on newsroom systems could cause a significant data protection breach if one has taken place, alongside potentially exposing sources.

Staff have been sent several emails asking them not to come into its offices at Kings Place in London, although an email from Anna Bateson, the Guardian Media Group’s chief executive, co-signed by editor Kath Viner, says they are “confident we will be able to publish in print tomorrow.”

Considered one of the U.K.’s papers of record, and its most prominent newspaper with a liberal leaning, the Guardian has a print circulation of around 100,000, and reaches tens of millions of people online.

The attack is the latest incident in the United Kingdom, where ransomware has been responsible for the majority of the British government’s recent crisis management ‘Cobra’ meetings.  Officials dealing directly with the ransomware issue told The Record they saw no light at the end of the tunnel, even of the prospect of any improvements which could help the U.K. clamp down on the problem.

At the time they said they were seeing “an increasingly successful business model” with “ransom demands increasing” and “payments increasing” and it becoming “harder to avoid paying a ransom because the entire ecosystem is pushing that way.”

In a statement sent to The Record — which matches the email sent by Bateson and Viner — a spokesperson for The Guardian said: “There has been a serious incident which has affected our IT network and systems in the last 24 hours. We believe this to be a ransomware attack but are continuing to consider all possibilities.

“We are continuing to publish globally to our website and apps and although some of our internal systems are affected, we are confident we will be able to publish in print tomorrow. Our technology teams have been working to deal with all aspects of this incident, with the vast majority of our staff able to work from home as we did during the pandemic.

“We will continue to keep our staff and anyone else affected informed,” the email added.

Alexander Martin is the UK Editor for Recorded Future News. He was previously a technology reporter for Sky News and is also a fellow at the European Cyber Conflict Research Initiative.