2023-04-24 19:18:19
NZZ blackmailers postpone “publication date”
Hackers threaten the “Neue Zürcher Zeitung” and CH Media with the publication of confidential data. The ultimatum was postponed from Monday to Tuesday.
The NZZ had to temporarily reduce its number of pages. Now the blackmailers are threatening another blow.
Photo: Keystone
The two Swiss media houses NZZ and CH Media are being blackmailed by cybercriminals. A group called Play has announced that it will publish confidential data – such as “projects, payroll, employee information”. The publication date is April 24th, the blackmailers announced last week on the dark web, a hidden part of the internet that is only accessible with special software.
Those responsible in the affected Swiss publishers are correspondingly tense. There, it was originally hoped that the blackmailers would be bluffing and not be able to capture a great deal of data, the publication of which would cause difficulties for the media houses. According to initial findings, no large amount of data was lost, the NZZ and CH Media announced a week ago.
But towards the end of the week, the situation apparently worsened: “The investigations have now shown that the attackers stole more data than initially assumed,” quoted the “Blick” from a letter from NZZ CEO Felix Graf to employees. “These are probably confidential data. How big the extent is and which data is specifically affected is still the subject of ongoing investigations.”
The blackmailers have not yet published any data on Monday. Instead, they have postponed their “publication date” on the Darknet to Tuesday, April 25th.
Newspaper production is still affected
The joint IT systems of NZZ and CH Media were attacked a month ago, on March 24th. As a result, East Swiss radio FM1 had to broadcast from Zurich instead of St. Gallen for a week. And there were major problems with newspaper production and e-paper.
Some NZZ editions appeared with a slightly reduced size. It hit CH Media much more seriously: The “Aargauer Zeitung”, the “Luzerner Zeitung” and the “St. Galler Tagblatt» might only be published as a standard edition for a long time – without different regional sections. This problem has now been resolved. But not all interfaces work by a long shot. This makes the production of the newspapers much more complex than before the blackmailers attacked. For example, the automatic placement of images on the newspaper pages does not yet work properly.
Digital crime is increasing rapidly in Switzerland
The NZZ and CH Media are working together with the police. In an internal letter, NZZ CEO Felix Graf warned the workforce once morest downloading and opening any data from the Darknet. Otherwise you run the risk of injecting further malware and viruses. This might once more impair the functioning of the systems.
The two publishing houses are not the first victims of the Play extortion group. As the specialist magazine “Inside IT” reported, the company Energie Pool Schweiz was also targeted by hackers in February. At the end of 2022, the hotel chain H-Hotels was hit. The blackmailers published invoices, identity cards and bookings of hotel guests on the Darknet.
So the Play Group wants money and not any political goals. It has only been appearing under this name for almost a year and was initially mainly active in Latin America. But according to Inside IT, it has also struck in Hungary, India, Spain and the Netherlands. Among other things, it exploits unresolved vulnerabilities in the Microsoft Exchange server software and sometimes adds the “.play” extension to files.
The business appears to be lucrative. In any case, digital crime is increasing rapidly, also in Switzerland. The National Center for Cyber Security receives between 400 and 1000 reports per week. As a rule, the hackers do not specifically select a person or a company, but look everywhere for weak points and take what they can get. For example at Swiss Exhibition, the Comparis comparison service or the Neuenburger Kantonalbank. They have all been victims of cyber criminals. So it can happen to anyone. The more digital vulnerabilities you leave open, the more likely it is.
Found a mistake?Report now.
1682370691
#Consequences #cyber #attack #NZZ #blackmailers #postpone #publication #date
