Isentia's breach and its impact on government departments Special

Posted Oct 31, 2020 by Tim Sandle
The media monitoring firm Isentia in Australia has been hit by a ransomware attack. What does this mean for the company's work with government departments and the Australian Stock Exchange?
Countries are constantly under a broad cyberattack from a  state-based actors  targeting governments...
Countries are constantly under a broad cyberattack from a "state-based actors" targeting governments, public services and businesses.
The impacted Australian company operates across eight markets, so the impact of the attack is significant. In terms of the form of the cybersecurity incident, while ransomware was not discussed, news outlets like The Guardian are suggesting this was the cause of the security beach.
The attack also signals the rise in ransomware-style attacks. These attacks are apparently increasing because a number of firms are paying out in order to have their systems restored.
In terms of the implications of the incident, Isentia has stated that the form of the attack led to a disruption of its services, most notably across its software-as-a-service (SaaS) Mediaportal platform.
Looking into the topic and the wider implications for Digital Journal is Steve Forbes, Government Cyber Security Expert at Nominet.
Forbes begins by looking at the significance of the attack both in Australia and around the world: “The impact of Isentia, a media-monitoring firm, being hit by a cyber attack demonstrates the interconnected world of national cyber defence."
He adds further that this is a special case, in terms of the type of organization being singled out for a cyberattack: "While a media monitoring firm wouldn’t typically be considered part of critical infrastructure, its work with many government departments and large organisations – such as the Australian Stock Exchange – has now been put on hold due to the cyberattack."
Forbes is mindful of the wider implications of the attack, noting: “This incident also reminds us of the importance of vetting third parties in terms of their cyber resilience. While the full details of this particular security breach are yet to emerge, best practice advice is to ensure third parties have at least similar practices and procedures as your own to keep sensitive data safe.”