In the realm of IT, there are best practices for managing system outages, and then there are examples of what not to do. The recent actions of the ARRL exemplify the latter. Today, HQ released an update stating that they were “the victim of a sophisticated network attack by a malicious international cyber group” and that they “quickly established an incident response team.” However, it took them 21 days to provide this detailed update.
As an IT professional, I have encountered numerous challenges and learned valuable lessons over the years. One of the most critical aspects of managing an outage is communication—clear, frequent, and transparent communication. It is essential to over-communicate during such times. Additionally, having a visible leader who represents the response effort is crucial. An effective “incident response team” should not only consist of technical experts working behind the scenes but also include individuals who manage communications, reassure stakeholders, and provide key information such as estimated restoration times.
ARRL has often been subjected to unwarranted criticism, but this situation is a result of their own missteps. I question whether the attack was all that sophisticated, sensing that it was a common ransomware attack. We await the final report for details, assuming it is made public. While technical shortcomings can be understandable and even forgivable, the poor communication and lack of transparency in this instance are not. The recurring sentiment from ARRL, echoing past incidents, seems to be, “You don’t need to know.”
This article was originally posted on Radio Artisan.
Radio Artisan 