One of the leaked US State Department cables sent shortly after the 2007 online attack against Estonia has highlighted failings in conventional disaster recovery planning, and shows serious weaknesses in some industries.
The cable detailed the Estonian attacks based on interviews with key sources and showed a number of strengths and weaknesses in traditional disaster recovery planning and IT security management. One of the chief failings found was that the established chain of command failed completely, and decisions were largely taken by staff on the ground in an ad hoc fashion rather than through that chain of command.
“XXXXXXXXXXXX explained that neither CERT nor the government of Estonia had the personnel to put out the fire and also act as a secretary to take down the minutes,” the cable from the US embassy in Tallinn reports.
“(Note: XXXXXXXXXXXX claims of staff shortages are somewhat questionable given that he told us that neither he nor any of his staff had to work overtime during the cyber attacks.)”
The report also found that, while large companies and financial institutions were usually able to weather the storm, smaller businesses did not have any policy or official guidance on how to deal with the attacks and many lacked the ability to purchase additional bandwidth.
Furthermore, the Estonians were helped by the fact that the attacks themselves were of a fairly primitive nature. Rein Ottis, the country's head of cyber defence at the Ministry of Defence, said that if the attackers had actually targeted key servers and routers rather than used blanket attacks, the country would have been shut down fairly easily.
Defenders were also helped by the fact that the participants discussed the attacks in public online chat rooms, and by monitoring these the security team could mitigate specific attacks. Most attacks occurred in the evening, which also helped, as this was the lowest traffic period of the day for regular internet users.
In addition, the attackers went for the government and banking sector. According to an Estonian source, if the attacks had been made against the nation's logistics infrastructure, the result could have been a lot worse, since three quarters of grocery stores, petrol stations and shops rely on the internet for their orders and deliveries.
“Although these cyber attacks were unprecedented in nature, our Estonian interlocutors all agreed that the outcome could have been much worse,” the cable states.
“They also note that the impact on cyber defence policy for both the public and private sectors will be discussed and felt for a very long time.”