A scholar from Andrews University in Michigan, Anthony Bosman, realized he couldn’t download a mobile boarding permit on his smartphone; he was attempting to board his aircraft from Michigan to Florida.
He then went to the airport to check in in person and was astounded to see how an airline staffer manually drew up his boarding card after finding his name on a paper list.
“It appeared like a flashback,” after remembering the ticket agent saying that she was tired from writing so many of them with her hand. His flight proceeded according to schedule.
The identical event was recorded by several other travellers that day, many of them from India.
Banks, telecom companies, health services, and online merchants were also impacted by the CrowdStrike outage.
A top official of the company apologized “deeply” for the havoc he had caused during his appearance before a US congressional committee the previous week.
Some organisations were forced to abandon their computer-based procedures in July for a short while and carry out tasks in a manual manner.
Examining prior cyberattacks and IT malfunctions on the BBC News website can provide you with several instances of companies who were forced to “go back to pen and paper” when faced with interruption.
This has happened to British General Practitioners (GPs), employees of Lincolnshire County Council, nurses at the Rouen hospital in France, and workers at the foreign exchange company Travelex.
It sounds like a nearly hopeless situation. However, even though it’s not ideal, some cyber-experts are now suggesting that businesses prepare to move to paper-based procedures in the event that their IT systems fail.
Pen and paper systems might be something staff members occasionally practice using rather than an impromptu workaround, enabling them to effortlessly transition away from their computers when needed.
Norsk Hydro, a Norwegian corporation that specializes in renewable energy and aluminium, is one that understands the importance of paper.
Ransomware was used by hackers to lock staff members out of over 20,000 computers at Hydro in 2019. Hydro’s executives made the decision to forgo paying a ransom to regain access, forcing 35,000 employees spread over 40 countries to temporarily find alternative means of accomplishing their business.
For example, according to Hydro spokesman Halvor Molland, they pulled ancient binders out of basements that had instructions on how to create certain aluminium goods. By pure coincidence, employees at certain sites had printed out order requests right before the cyberattack occurred.
According to Mr. Molland, “their creativity… was tremendous.” Fortunately, production equipment was unharmed by the ransomware, even though PCs containing customer and corporate data were locked out. In order to print information for production workers, employees at some locations purchased printers and computers from nearby merchants. Additionally, the old office set was useful. In fact, Mr. Molland recalls, dusting off some old telefaxes, so it can be reused.
These solutions allowed the company to continue operating even if production at some sites dropped by as much as 50%. As Mr. Molland states, “You need to do what you need to do.” In reflection, he advises businesses to save paper versions of important documents, such as checklists or internal phone numbers, so that some work may be done even in the case of a significant cyberattack.
The seriousness of some of the recent cyberattacks and IT disruptions has made people realize how important it is to have these manual procedures, according to Chris Butler, resilience director of databarracks, a disaster recovery and business continuity centre.
He cites one of his company’s clients, an industrial distribution company, that assembled “disaster recovery packs” and sent them to each of its locations. Paper forms and a fax machine are included in the packets as a backup in case their digital ordering system goes down. “They realized they had no choice but to have these forms if that goes down.”
In an effort to determine if workers can still perform their tasks as efficiently without computers, Mr. Butler proposes that businesses have a training day when staff members practice utilizing flip charts and whiteboards.
Paper is advised by certain organizations for security-related concerns. Certain papers must be filed with specific parts of the US court system on paper, for instance, or on a secure media, such as an encrypted USB drive.
Paper-based procedures obviously have its limitations. Mr. Butler also points out that it will be difficult for bankers to move to paper-based alternatives if they, for instance, are unable to access their trading terminals due to an IT issue.
Pen and paper systems’ inability to expand is their main drawback, according to Gareth Mott of the Royal United Services Institute. It is slower than utilizing a computer for several tasks, and managing thousands of personnel across numerous office locations using such methods is challenging, if not impossible.
But using workarounds well may be beneficial, says Dr. Mott. He and others have studied the effects of “war-gaming” and IT failure role-playing on workers’ reactions to actual cyberattacks. “We discovered that the businesses who had taken that action, sometimes just a few weeks prior to a real-world incident, truly benefited,” he adds.
Pen and paper are not the only tools that might be useful. Following a cyber-attack, Dr. Mott is aware of one company that purchased “crates worth of Chromebooks” for employees so they could function without requiring access to the company network.
If access to the company email systems is lost, for example, some businesses may advise staff members to utilize inactive WhatsApp or Signal message groups for internal conversations.
Dr. Mott and Mr. Butler both emphasize the significance of off-site or otherwise separated data backups in order to prevent the loss of all that crucial information in the case of a ransomware attack.
How would you, in the event of an IT emergency affecting the current technological tools for psychological work, be able to find a flawless solution?
To provide the best experiences, we use technologies like cookies to store and/or access device information. Consenting to these technologies will allow us to process data such as browsing behaviour or unique IDs on this site. Not consenting or withdrawing consent, may adversely affect certain features and functions.
Functional
Always active
The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.
Preferences
The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
Statistics
The technical storage or access that is used exclusively for statistical purposes.The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
Marketing
The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes.
