In 2015, Ukraine’s power grid experienced widespread failure of its mission-critical systems when a cyberattack caused 30 of its substations to shut down for between one and six hours, which resulted in widespread blackouts across the city of Ivano-Frankivsk. In an article for Wired, Kim Zetter explores how the hack occurred. https://www.wired.com/2016/01/everything-we-know-about-ukraines-power-plant-hack/ In Sony case (see attached), consider the damage caused by the North Korean hack that relates specifically to Sony’s critical systems being targeted. What do you think is the maximum time the organization can afford to have the critical system offline? What resources would the organization require to continue business processes despite the system being unavailable? What backup systems are currently in place in the event of such an attack? Are these backups also subject to attack?
