While at the airport on Friday, I witnessed the chaos caused by the global IT outage firsthand. Throughout this stressful period, I was in constant communication with our team on the ground to assess the potential impact on our operations, customers, and partners.
Our team maintained minute-by-minute updates, late into the evening and even early Saturday morning to ensure we were fully informed and prepared.
Events like this one are a harsh reminder that even the most trusted software can have hiccups, and when it does, it can bring entire organizations to a grinding halt.
Incident Response & Preparedness
Thankfully, Blue Team Alpha does not rely on the affected platform, and our team was not directly impacted.
However, this kind of disruption is a wake-up call for all of us and an opportunity to identify and remedy critical gaps in many companies’ cybersecurity and business continuity strategies.
I strongly recommend creating an incident response strategy with playbooks for IT outages, hurricanes, cybercrime, and other relevant disasters BEFORE the next incident.
Please note: We have a free policy template available if you’re looking for a place to start!
In short, preparedness is vital in ensuring the protection and resilience of your business.
Potential for Opportunistic Threat Actors
As a reminder, attackers have been known to strike during the aftermath of large-scale events such as this one.
Be on the lookout for things like:
- Phishing attacks
- Attackers posing as a representative of the affected platform
- Emails mimicking a notification or update from the platform itself
- Fake sites/domains created to mimic an official channel
- Malicious links or downloads hidden among/posing as legitimate advice or information on forums etc.
These things and more have already been reported, and are all common ways threat actors have been known to attempt to use a major outage such as this one to their advantage.
Review Your Business Continuity & Response Plan
As recovery efforts continue and things begin to normalize, we urge affected companies to take stock of their security and recovery strategies. Use this as an opportunity to meaningfully review what went well and what didn’t during your response efforts.
It’s a valuable investment we can all make in our company’s future preparedness, and it will inform how our teams weather the next incident, outage, or cyber event.
Need Anything?
Our commitment will always be to provide you with the highest level of security and support proactively and reactively. Should you have any questions or require any support now or in the future, please do not hesitate to contact us.
Thank you for your continued trust in our services. Stay safe out there.
