The Today show reported that Nine has become “the victim of a mass cyber attack this morning and is the biggest on a media company in Australia’s history”.

“The sophisticated attack compromised Nine’s news bulletins around the country forcing digital production systems off-air. The nature of the cyber attack is being investigated and whether it has come from a foreign source.”

Stefanovic opened Today on Monday morning, saying “Bear with us as we try and work around these technical issues caused by Vladimir… We’re not blaming anybody in particular.”

“We’re not sure where it’s come from yet and we’re working through it this morning.”

The cyberattack on Nine has forced the company to order staff to work from home indefinitely and left some of its most popular weekend shows off air as the broadcaster scrambles to find a way to produce its slate of live ­programs.

The attack — the origins of which were not made public — forced the network to run pre-recorded shows instead of its usual live Sunday programming, with the flagship 6pm state-based news bulletins in Sydney and Canberra replaced by a ­“national bulletin” out of ­Melbourne.

Nine chief executive Mike Sneesby — who formally re­places outgoing boss Hugh Marks on Monday — said the ­attack had “affected our ability to produce news and current ­affairs”.

“It has impacted our ability to go live to air on the Weekend Today show and … fans were unfortunately unable to see that show,” he said on Sunday.

The disruptions extended beyond the company’s broadcast operations, with journalists from The Sydney Morning Herald, The Age and The Australian Fin­ancial Review told not to connect to the media company’s computer network.

Later on Sunday, all staff were told to work from home until further notice as they were warned in an email of the unresolved “major incident”. It is the first time Nine has been unable to air a TV program because of an external threat, according to senior figures at the network.

Nine has requested assistance from the Australian Cyber Sec­urity Centre, part of the Australian Signals Directorate, the company’s newspapers reported.

The attack on Nine came as separate technical issues disrupted the Parliament House network, with the Department of Parliamentary Services also requesting ACSC assistance.

Assistant Defence Minister Andrew Hastie last Thursday told The Australian that “many Australian businesses” were at high risk of having their operations disrupted and data stolen amid a wave of malicious state-sponsored and criminal cyber attacks targeting hospitals, parliaments and companies.

Mr Hastie, who has responsibility for cyber security under the Defence portfolio, urged businesses not to leave the “door open for criminals to exploit their computer systems”.

Ransomware attacks in Australia, many of which have been linked to Chinese state-sponsored actors, have in recent weeks targeted the West Aust­ralian ­parliament and one of Victoria’s largest hospital operators.

Mike Cerny, PwC’s cybersecurity consulting lead, said ransomware attacks were becoming increasingly common in Aus­tralia, and both large and small businesses were vulnerable.

A recent survey by PwC of tech company executives found that almost two-thirds thought their organisation would be a “likely” target of a cyber attack, he said. “In cyber attacks ... the common motive is always money.”

Nine said no ransom demand accompanied the cyber attack on the media company.

Jacqueline Jayne, security awareness advocate at KnowBe4, said: “There is no security control in an organisation that is 100 per cent effective all the time, as Nine has learned. That ‘silver bullet’ just does not exist, yet it is often an excuse to focus on recovery rather than prevention.

“That is a huge mistake and one that, now ransomware is often being used to exfiltrate and expose data, could be even more costly. A better approach is to stop attacks before they occur.”

A Nine spokeswoman said the network’s breakfast show Today would be broadcast out of Sydney as usual on Monday morning.

While the issue of the network’s live broadcasts had not yet been fully resolved, “solutions” had been reached to allow live broadcasts to continue for audiences around Australia, she said.

“We wish to inform you there has been a cyber-attack on our systems which has disrupted live broadcasts out of Nine Sydney,” the company’s director of people and culture, Vanessa Morley, told staff in an email on Sunday.

“As a result, we were unable to get Weekend Today to air this morning (but) we have put processes in place to ensure we’re able to resume our normal broadcast schedule. While our IT teams work through this issue, we ask all employees, in all markets, to work from home until further notice.

“If your role requires you to be in the office, please speak to your manager before coming in to determine what the impacts are for your business unit.”

Nine News flew producers to Melbourne on Sunday and the NRL commentary panel was told to drive to Newcastle

More Coverage

MPs on alert after email ‘disruption’

GREG BROWN

Insiders on the outer

Nick Tabakoff

ABC’s ‘precious’ reply to local content push

PAUL FLETCHER

Film industry fears trigger push for ABC, SBS to lift game

James Madden

More related stories

Media

Tight NRL finale draws strong TV audience

The ratings for the closely-fought match between the Panthers and the Melbourne Storm were up on last year’s NRL centrepiece but were easily outstripped by the TV audience for the lopsided AFL Grand Final a week earlier.

Read more

Media

ABC ombudsman changes ‘sympathetic’ Hezbollah stories

The taxpayer-funded broadcaster’s watchdog received more than a dozen complaints about an article that readers claimed was ‘too sympathetic to Hezbollah’.

Read more