On 24 December 2020, we were subject to a serious and complex cyber-attack, displaying significant stealth and malicious sophistication, which significantly impacted our organisation, our staff, our public and private partners, and the communities who rely on our services.
In the ten months since the attack, we have worked with Scottish Government, Police Scotland, the National Cyber Security Centre (NCSC) and the Scottish Business Resilience Centre (SBRC), to a clear recovery strategy.
We voluntarily commissioned reviews from independent experts to help:
We are publishing as much as we can of the reviews so that as many organisations as possible can use our experience to better protect themselves from cyber-crime and have committed to supporting Police Scotland and Scottish Business Resilience Centre in their work on highlighting the support available to organisations to be cyber ready, resilient and responsive.
Throughout our response and recovery activities, we published a weekly service status, detailing progress on our affected systems and services. We'll continue to update our service status on a weekly basis so that we’re clear on what those we work with can expect and how we'll prioritise progress.
Our current service status information.
Cyber security advice: