Cyber Incident Victim: The Shift News
Date:
Jan 2019
Location:
Malta
Summary
The Shift News experienced a distributed denial-of-service (DDoS) attack aimed at crashing its website following investigative reporting on a controversial hospitals privatization deal involving alleged financial misconduct and hidden ownership structures. The attack, described as professionally coordinated and politically motivated, attempted to flood the site's servers with traffic after the outlet revealed details of secret agreements, offshore transactions, and a €1 acquisition that granted Steward Healthcare long-term taxpayer-funded concessions. Despite the sustained assault, the organization maintained its operations through enhanced security measures and vowed to continue publishing its findings through alternative channels if necessary, framing the attack as confirmation of the significance of their revelations.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
On January 14, 2019, The Shift News experienced a sustained Distributed Denial of Service (DDoS) attack targeting its website infrastructure following the publication of investigative reports exposing financial irregularities in Malta’s hospitals privatization deal. The cyber attack commenced shortly after the outlet released the third installment in its "The Big Sell Out" series, which revealed how Vitals Global Healthcare (VGH) secretly financed a €5 million acquisition of medical supplier Technoline before securing exclusive supply contracts. This followed two prior investigative pieces published on January 13 detailing concealed agreements between VGH and U.S.-based Steward Healthcare, showing Steward acquired VGH’s lucrative 99-year public hospital concession for €1 while securing €70 million annually from Maltese taxpayers. The DDoS attack involved coordinated high-volume traffic floods from multiple sources attempting to crash the site’s servers, a common tactic to silence media outlets during critical reporting periods.
The Shift News team implemented countermeasures to maintain site availability, characterizing the attack as professionally coordinated and well-resourced. Editor Caroline Muscat publicly linked the assault to their reporting on hidden financial transfers through offshore entities involving Maltese government officials, stating the timing confirmed the sensitivity of their revelations. Despite infrastructure strain, the outlet maintained partial operability through pre-established security systems funded by reader support, though no technical specifics of these defenses were disclosed. Muscat emphasized operational resilience, noting content would persist through alternative channels if the primary site failed. The cyber attack’s occurrence immediately following exposés on Steward’s €1 acquisition and subsequent €7 billion revenue projection underscored perceived political motivations to suppress scrutiny of the deal. No data breach or content manipulation occurred, with impacts limited to temporary accessibility challenges during peak attack periods while investigative coverage continued uninterrupted.