Manual Ways in IT Crisis

The Analogue Lifeline: How Traditional Methods Sustain Operations in a Digital Crisis

A flawed software deployment in July 2024 triggered global disruption for the aviation sector and numerous other industries. When a CrowdStrike program malfunction incapacitated an estimated 8.5 million digital devices internationally on the 19th of that month, individuals preparing for air travel were among the initial groups to experience the consequences. The problem, originating from an incorrect update to Falcon Sensor security software, led to extensive system failures and prevented successful restarts, making it the most significant information technology outage recorded. This situation arose not from malicious cyber activity but from an internal mistake. The fallout extended to financial institutions, telecommunication companies, healthcare services, and internet-based merchants, compelling a temporary yet substantial dependence on non-digital operational methods.

The Human Element in a Tech Breakdown

Anthony Bosman, a scholar connected with Michigan's Andrews University, encountered this situation directly. While trying to travel from Michigan towards Florida, he discovered an inability to retrieve his electronic flight authorisation. Upon reaching the airport for check-in, an airline representative consulted a physical document for his information before manually preparing his flight permission. Bosman recollected the ticket vendor's remark about her hand aching from the extensive number of handwritten authorisations. Despite the old-fashioned procedure, his aircraft departed according to its timetable. Many other passengers worldwide, with a notable number in India, reported similar situations, highlighting the extensive reach of the problem.

Acknowledging the Chaos

The repercussions of the CrowdStrike mistake were so broad that a high-ranking company official subsequently addressed a United States congressional body. He conveyed deep regret for the resulting pandemonium. For a short duration, many enterprises had to set aside their advanced, computer-reliant procedures. They shifted to more established, manual techniques to preserve a degree of operational function. This abrupt change underscored the vulnerabilities of contemporary digital frameworks and the unexpected fortitude provided by conventional practices. The financial impact across the globe was assessed to be at least ten billion US dollars.

Echoes of Past Failures: The Recurrence of Manual Reversion

Examining historical cyber assaults and IT malfunctions unveils a consistent pattern: entities often revert to using writing implements and physical documents when electronic systems cease to function correctly. This has been the case for varied organisations, including general medical practitioners in Britain, personnel at the currency exchange enterprise Travelex, and medical professionals at a Rouen-based hospital in France. Staff at the Lincolnshire County Council also confronted comparable difficulties, turning to non-digital tasks when their IT setup was breached. While these circumstances may appear to be a serious challenge, the usefulness of these older approaches endures.

Proactive Planning for Analogue Operations

The idea of returning to manual notation might imply a somewhat unfortunate situation. This view, however, is evolving. Cybersecurity specialists increasingly recommend that businesses incorporate procedures reliant on physical documents into their emergency preparedness. Instead of considering manual techniques as a hurried, makeshift fix, these professionals advocate for regular drills. Employees could periodically engage in training with these non-electronic systems. Such preparation facilitates a more fluid and uninterrupted shift from computers if a major IT disturbance happens, thereby sustaining operational workflow.

Image Credit - Freepik

Norsk Hydro: A Case Study in Analogue Resilience

Norsk Hydro, a corporation in Norway focused on aluminium and sustainable energy, possesses a profound comprehension of the utility of systems based on physical records. During 2019, the enterprise experienced a significant ransomware incident. This cyber intrusion denied employees access to more than twenty thousand computing units throughout its international activities. The perpetrators demanded a payment to reinstate functionality. Nevertheless, Norsk Hydro’s leadership made the pivotal choice against remittance. This principled position meant that thirty-five thousand workers distributed over forty nations needed to devise substitute methods for their job responsibilities temporarily.

Ingenuity in the Face of Digital Paralysis

Norsk Hydro's workforce showed extraordinary adaptability. Halvor Molland, a representative for the enterprise, described how staff members located aged binders in storage areas. These folios held vital directions for manufacturing particular aluminium items. At several sites, workers had, by a stroke of luck, generated hard copies of procurement details just before the cyber intrusion disabled their computer systems. This accidental foresight proved exceptionally useful. While machines containing client details and corporate information were rendered unusable, the ransom-demanding malware fortunately did not compromise factory machinery, permitting some production to continue.

Vintage Technology's Unexpected Return

To navigate the digital obstruction, personnel at certain Norsk Hydro locations procured new processing units and printing devices from neighbourhood suppliers. These acquisitions served to generate physical copies of crucial data for factory operatives, working around the affected network. In an unforeseen development, even antiquated office apparatus found renewed utility. Molland mentioned the requirement to reactivate "some old telefax machines" for maintaining communication and sending essential paperwork. This combination of accessing archived information and creatively using existing technology demonstrated the firm's remarkable flexibility under intense conditions.

Sustaining Operations Through Manual Effort

These non-digital workarounds, while not perfect, were instrumental in maintaining Norsk Hydro's functions. Output at specific facilities did decrease by as much as half. Nonetheless, the capacity to uphold some operational activity stood as evidence of the employees' cleverness and the fundamental worth of non-electronic data. Molland highlighted the practical stance: "One must do what is required." He proposed that businesses should keep physical versions of essential details, like internal contact lists or procedural guides.

The Growing Recognition of Manual Fallbacks

Chris Butler, holding the position of resilience director at Databarracks, an organisation that focuses on disaster recovery and ensuring business operational flow, notes a distinct pattern. "Individuals now grasp the significance of possessing these non-digital methodologies," he comments, linking this understanding to "the seriousness of several recent cyber intrusions and IT system interruptions." This view indicates a wider appreciation that total dependence on electronic frameworks carries fundamental dangers. The rising occurrence and complexity of cyber threats demand a more comprehensive strategy for operational fortitude, incorporating strong manual contingency plans.

Image Credit - Freepik

Disaster Recovery Packs: Tangible Preparedness

Butler points to a concrete illustration of this readiness. A client of Databarracks, an enterprise in industrial distribution, has created "emergency preparedness kits." These packages, sent to all its operational locations, contain physical forms and telefax equipment. This actual provision offers a fallback if their electronic procurement platform becomes non-functional. The business understood that lacking such a backup, a system failure would render them incapable of processing orders. This forward-looking action shows a dedication to service continuity despite potential technological breakdowns.

Training for a Tech-Free Environment

To improve readiness further, Butler advises that firms arrange practice sessions where staff members perform their duties without digital devices. By employing aids such as presentation easels and marker boards, personnel can replicate a manual working situation. This permits companies to determine if they can operate adequately and pinpoint possible flaws in their non-electronic processes. Such activities not only develop capabilities but also cultivate an adaptable outlook among workers, which is vital when confronting unforeseen interruptions. Consistent practice refines responses and uncovers deficiencies.

Paper for Security: A Deliberate Choice

On certain occasions, entities require the use of physical documents for safeguarding information, not merely as an emergency measure. For example, parts of the United States judicial framework stipulate that particular records must be submitted on either tangible sheets or a protected physical medium, like an encrypted universal serial bus device. This inclination towards physical records in sensitive areas highlights an awareness that electronic systems, their efficiencies notwithstanding, can harbor distinct vulnerabilities absent in paper. This method seeks to shield highly private data from digital hazards.

The Inherent Limitations of Manual Processes

Despite their usefulness during an emergency, procedures reliant on physical documents possess definite restrictions. Chris Butler observes that for particular occupations, like financiers who find their trading platforms inaccessible during an IT disruption, transitioning to non-digital options is not simple or, in some instances, practical. The velocity and intricacy of contemporary financial dealings, for instance, are challenging to reproduce by hand. This underscores the industry-specific character of efficient manual alternatives. Various sectors will encounter differing levels of challenge in switching to non-electronic techniques.

Scalability: The Achilles' Heel of Pen and Paper

Gareth Mott, associated with the Royal United Services Institute, points out the primary disadvantage of manual inscription methods: their limited capacity for expansion. Non-digital procedures are naturally more time-consuming than computerised ones for numerous operations. Aligning thousands of personnel across many office sites using solely manual techniques poses a significant, perhaps insurmountable, difficulty. This scalability concern implies that while manual systems can offer a temporary reprieve, they are seldom a viable long-term fix for extensive, intricate organisations.

Image Credit - Freepik

The Power of Practice: War-Gaming IT Failures

Nonetheless, Dr Mott asserts that rehearsing alternative strategies can markedly enhance reactions to actual cyber intrusions. He and his associates investigated how "strategic simulations" and IT breakdown reenactment drills influence employee responses. Their discoveries were persuasive: "Our research indicated that businesses undertaking such exercises, sometimes just weeks before a real event, gained substantial advantages." These simulations enable organisations to evaluate their emergency plans within a managed setting, pinpointing vulnerabilities before an actual crisis develops.

Beyond Pen and Paper: Alternative Low-Tech Solutions

Fortitude during an IT emergency extends beyond just using writing implements and physical documents. Dr Mott recalls a situation where a company acquired "numerous containers filled with Chromebooks" for its workforce after a cybersecurity event. These gadgets permitted employees to persist with their tasks without requiring connection to the affected corporate infrastructure, thus ensuring a measure of operational flow. This illustrates the benefit of having readily available, separate hardware solutions for quick deployment, bridging the gap while main systems are being fixed.

Leveraging Existing Communication Channels

Certain businesses might possess inactive communication avenues, such as WhatsApp or Signal message collections, that can be reactivated during an urgent situation. Should corporate email access become blocked, these substitute platforms can aid internal dialogue among team members. Employing common and widely understood consumer technologies presents a swift and potent means for sharing information and aligning actions when primary communication frameworks are unavailable. This flexibility is particularly vital in the early phases of an IT disruption.

The Critical Role of Data Backups

Both Dr Mott and Chris Butler highlight the vital necessity of externally stored or otherwise isolated data copies. Should a ransom-demanding software attack occur, where information is encoded and held for payment, possessing protected, separate copies means crucial data is not inevitably forfeited. This ability to retrieve information from an untouched source forms a fundamental element of contemporary cyber resilience. It can decide if a business recovers without succumbing to ransom demands or experiencing devastating data loss.

Specialist Firms: Guardians of Data Integrity

Cathy Miron serves as the chief executive for eSilo, a data replication enterprise headquartered in Florida. Numerous comparable businesses operate globally, Databarracks among them, furnishing protected data replication solutions. The company Ms Miron leads offers external, cloud-supported information storage on an infrastructure distinct from their clients' main systems. They also provide on-premises, custom-engineered server units for localized data protection. She stated with confidence their consistent achievement of full ransomware data retrieval to date, underscoring the success of professional, well-organized backup plans.

Improvised Connectivity in a Digital Shutdown

The advanced nature of modern digital frameworks is clear. However, frequently, elementary, improvised solutions prove essential when an emergency arises. Ms Miron referred to a client who, at that moment, was utilising a Verizon MiFi apparatus – a portable broadband wireless router. This equipment facilitated entry to replicated information because a cyber event had rendered their primary corporate system entirely inoperable. This situation demonstrates the requirement for adaptable and swiftly deployable alternative connection methods.

Anticipating the Inevitable: A Proactive Stance

Halvor Molland from Norsk Hydro imparts a vital piece of wisdom: "One should anticipate, at some juncture, becoming a target of a cyber intrusion." This forward-looking, rather than merely responsive, perspective is crucial for developing true resilience. The key considerations then shift to: "What actions are taken in the interim? How is operational momentum maintained?" This anticipatory view encourages organisations to allocate resources to preventive actions, strong backup frameworks, and thoroughly practiced manual alternative procedures.

Image Credit - Freepik

The Widespread Impact of IT System Failures

The CrowdStrike outage in July 2024 impacted an estimated 8.5 million devices across the globe. Airlines called off more than 5,000 flights, and many airports faced considerable operational interruptions. The effects reached into healthcare, where hospitals struggled with accessing patient information and diagnostic tools. Financial entities also registered outages, which affected monetary dealings. This occurrence underscored the interrelation of worldwide systems and the knock-on effects of a solitary software malfunction. Human intervention became necessary for numerous affected devices.

Healthcare's Vulnerability to IT Issues

The healthcare field shows itself as especially susceptible to information technology interruptions. The National Health Service (NHS) in the UK has encountered situations where IT system breakdowns have been connected to patient detriment and even fatalities. In one case, staff incorrectly assessed a patient as not wanting resuscitation because they could not rapidly obtain correct details through the IT framework. Another instance involved a patient diagnosed with lung cancer who died after IT complications hindered essential follow-up. Thousands of hospital communications have also remained undelivered owing to computer faults. Recent cyber intrusions, such as the one affecting Wirral University Teaching Hospital in November 2024, necessitated a shift to procedures reliant on physical documents, causing postponements of appointments and medical interventions. The Synnovis ransomware incident also profoundly affected NHS blood analysis capabilities.

The Financial Toll of System Downtime

Interruptions in IT service inflict a considerable monetary burden on enterprises. Projections indicate that system failures can cost large entities as much as $9,000 each minute. Beyond the direct loss of income, such downtime harms customer relations and obstructs worker output. Employees might find themselves unable to carry out their responsibilities, resulting in work accumulation and heightened stress. Clients who find services unavailable may swiftly opt for rivals, leading to sustained erosion of market position. The mental strain on personnel, dealing with annoyance and an increased workload, is also substantial.

Ransomware: An Evolving and Persistent Threat

Ransomware assaults persist as a major and developing danger to organisations internationally. Cyber perpetrators increasingly focus on data extraction either alongside or in place of encryption, intending to purloin confidential details to enhance their bargaining power. Ransomware-as-a-Service (RaaS) offerings have reduced the entry threshold, permitting less proficient individuals to execute complex attacks. Assailants also exploit non-standard vulnerabilities, like those in Internet of Things (IoT) devices or improperly configured hardware. Despite actions by law enforcement to dismantle significant ransomware operations such as LockBit and ALPHV/BlackCat, the overall threat landscape stays strong, with associates frequently moving to new syndicates. Black Kite's 2025 Ransomware Report indicated a 123% rise in publicly reported victims over a two-year span, with small and medium-sized enterprises becoming more frequent targets.

The Indispensable Role of Offline Backups

In this challenging digital climate, disconnected data copies represent a crucial shield against ransom-demanding software. Storing information on devices separate from the network and active systems establishes an "air-gapped" version. This separation thwarts attackers from encoding or altering backup files. Should an attack happen, organisations can retrieve their information from these untainted copies, possibly sidestepping ransom demands and curtailing operational interruption. Consistently updated and verified disconnected data copies, kept securely and preferably at a different location, constitute a fundamental part of any solid cybersecurity plan.

Business Continuity: More Than Just IT

Genuine operational fortitude necessitates a comprehensive strategy that goes beyond just IT departments. Business continuity planning (BCP) entails pinpointing all conceivable interruptions – from IT malfunctions and cyber intrusions to natural calamities or supplier complications – and formulating approaches to uphold essential functions. This encompasses creating secondary non-digital systems, establishing mutual support agreements with other enterprises for physical space, or organising for third-party service coverage. Unambiguous communication plans and clearly assigned duties are vital elements of an effective BCP.

The Necessity of Simulated Crisis Response

Cyber-attack reenactment drills, sometimes termed tabletop exercises or "strategic simulations," are essential for evaluating an organisation's level of preparedness. These exercises mimic genuine attack situations, permitting businesses to gauge the adequacy of their security protocols and emergency action plans within a secure setting. Simulations assist in uncovering weaknesses, assessing decision-making paths, and enhancing cooperation among various teams. The National Cyber Security Centre (NCSC) in the UK provides "Exercise in a Box," a complimentary tool to aid organisations in practicing their reaction to prevalent cyber dangers. Consistent simulations cultivate an ingrained "muscle memory" for handling crises.

Manual Workarounds: A Practical Necessity

Notwithstanding technological progress, non-digital alternative procedures continue to be a pragmatic requirement for ensuring business operational flow. These interim techniques enable vital operations to persist when electronic systems are not functioning. However, instituting effective non-digital processes demands meticulous foresight. Factors to address include making sure staff can decipher and use cursive script if necessary for physical documentation, and defining methods for re-entering manually recorded information into systems once they are operational again. While non-digital processes might be more time-consuming and less streamlined, their availability can avert a total cessation of operations.

The Future of Resilience: Integrating Analogue and Digital

The growing intricacy of IT frameworks and the constantly changing landscape of cyber threats necessitate strong organisational fortitude. While automated disaster recovery, termed orchestration, can simplify processes and enhance scalability, it is not without flaws. A seemingly small alteration to an IT system can disrupt automated recovery mechanisms. Consequently, a strategy of equilibrium is vital. Organisations must reinforce their digital safeguards and allocate resources to advanced recovery instruments. Concurrently, they should not overlook the established effectiveness of well-practiced non-digital alternatives and conventional techniques. The path to future resilience involves the astute combination of both digital and analogue approaches, guaranteeing that businesses can endure and recuperate from interruptions, regardless of their origin.