The States of Guernsey has been targeted by a sophisticated and potentially serious cyber-attack, and resolved the matter in under 48 hours, minimising any impact on the organisation and the delivery of public services.
The ‘phishing’ attack sought to overwhelm government email systems and prevent the States from being able to use email. It temporarily blocked emails from gov.gg accounts to Microsoft and Yahoo email accounts, however these blocks have now been removed. The attack was an attempt at ‘denial of service’ rather than to steal data and there is no evidence that any personal data has been lost.
States of Guernsey security officers have worked alongside its Strategic Partner Agilisys, specialist security teams in Microsoft and the National Cyber Security Centre through the night to quickly resolve the incident and restore all email capability.
This is not the first time the States of Guernsey has been targeted in this way, and a previous incident in 2018 had significant impacts on the organisation for several weeks, and smaller impacts that continued for months. However the States has learnt the lessons of these previous attacks, built relationships with the new National Cyber Security Centre and invested, as part of the contract with Agilisys, in new systems; further enhancements are due to be deployed in 2021 as part of the IT Transformation programme.
Colin Vaudin, Chief Information Officer for the States of Guernsey said: “Cyber-attacks are, regrettably, now part of the day-to-day security considerations for any organisation, and the ability to prepare, protect and recover from such attacks is crucial. This attack was sophisticated and could have had significant operational impact and caused disruption to the ability of the States to communicate with Islanders, businesses and other bodies. Whilst I will not comment on the details of the technical measures we have in place and how we reacted to counter this specific attack I would like to reassure the public that we have been constantly improving our cybersecurity measures meaning we’ve been able to quickly tackle what could have been a very serious attack”.
Deputy Heidi Soulsby, Vice-President of the Policy & Resources Committee said: “I’d like to thank the teams that have worked so quickly to get on top of this attack. Clearly the government relies on being able to communicate by email both within the organisation and beyond. This is a critical time for us as we continue to manage the Bailiwick’s response to COVID-19 and we need all our service areas to be able to coordinate and communicate quickly and effectively. We can’t afford to be set back by a cyber-attack, and whilst we must remain vigilant, I’m very pleased we’ve shown the robustness and resilience of our cybersecurity in this case”.
