Guernsey’s government has been targeted by a ‘sophisticated and potentially serious’ cyber-attack.
The States says it resolved the matter in under 48 hours and that it minimised the impact on the organisation and public services.
The ‘phishing’ attack aimed to overwhelm its email system, so the States would be unable to use it.
Emails from gov.gg accounts to Microsoft and Yahoo address were temporarily blocked.
The States says the attack was an attempt at ‘denial of service’ rather than to steal data, and that there is no evidence of personal data being lost.
Government security officers worked with its partner agency, Microsoft, and the National Cyber Security Centre through the night to restore its capabilities.
The States was previously targeted in 2018 - an attack that took several months to fully overcome.
The government says the lessons it learned, the relationships it has developed and the investment made in enhanced systems have helped in this latest attack.
More improvements are due in the coming year as part of the IT transformation programme.
“Cyber-attacks are, regrettably, now part of the day-to-day security considerations for any organisation, and the ability to prepare, protect and recover from such attacks is crucial. This attack was sophisticated and could have had significant operational impact and caused disruption to the ability of the States to communicate with Islanders, businesses and other bodies. Whilst I will not comment on the details of the technical measures we have in place and how we reacted to counter this specific attack I would like to reassure the public that we have been constantly improving our cybersecurity measures meaning we’ve been able to quickly tackle what could have been a very serious attack.” -Colin Vaudin, Chief Information Officer for the States of Guernsey