Due to the size and complexity of the government’s many websites, their back-up plans proved to be ‘useless’, affecting mainly outlets that provide information to the public and media. Emergency communication channels remained online.
The cyber attack was believed to be a distributed denial-of-service (DDoS) attack.
A host of official government websites and critical infrastructure in the EU have recently been disrupted by hackers, including:
- German government websites hacked by pro-Russian hackers.
- The notorious theft of Swedish government logins in response to the raid on The Pirate Bay.
- A Finnish bank hit by a DDoS attack.
- A cyber attack that caused “massive damage” to a German iron plant.
Having a business continuity plan in place for instances such as these is just as important as putting effective cyber security measures in place to mitigate the risk of a data breach in the first place.
To minimise the impact a disaster can have on your business, and to continue providing essential services to your customers, organisations need to put a business continuity management system in place. ISO 22301: A Pocket Guide explains the requirements for a plan aligned to the international business continuity standard, ISO 22301.