On September 4, Tewkesbury Borough Council declared a major IT incident and shut down its systems and enacted their incident response plan. It now turns out that this incident was not a cyber-attack but an error in user accounts.
However this does not matter. There was and is inconvenience to local people who could not access services in the normal way, but the council had no choice. Suspicion of any evidence that could be cyber-attack is enough to turn on the plan that protects the information of the same people who have now been inconvenienced.
Good on Tewkesbury Borough Council – after an investigation they can state no information was compromised.
Your Takeaway
It is obvious to respond in situations similar to the council’s, but what happens if it is a false positive? Or worse someone did click on a link and it was a real incident. It is natural to want to blame someone, but before you do that read this article:
As you can now see, the threat actors want you to have a “blame game” as it weakens your cyber security defence and strengthens their position.
Clive Catton MSc (Cyber Security) – by-line and other articles