Since the conflict arose in February of 2022, there have been extensive warnings from government agencies and media outlets. Here are our recommendations on how to remain resilient to increased levels of cyber threats.
What is happening?
As a result of the conflict, an increased level of cyber threat has been declared by the UK National Cyber Security Centre (NCSC). The Financial Conduct Authority (FCA) is also sharing warnings, advising businesses to ensure “business continuity and incident management arrangements are up to date”.
Whilst we’re not directly involved with the conflict, this does not mean we are not at risk from the increased cyber threats.
The NCSC recently warned that UK critical national infrastructure is being targeted by Russia’s Federal Security Service (FSB). They uncovered attack attempts against the UK’s energy sector and have also reported that the FSB have been targeting the US aviation sector in “sophisticated attacks”. In one incident, which the NCSC were able to detect and prevent, they uncovered a potential malware attack against a chemical plant:
“The malware was designed to give the actors complete control of infected systems and had the capability to cause significant impact, possibly including the release of toxic gas or an explosion – either of which could have resulted in loss of life and physical damage to the
These are the first publicly identified high-profile cyber-attacks on the Western front, which have been widely reported and expected since the start of the conflict.
Malware Spillage Past Borders
Due to the inherent nature of malware and its lack of geographical limitations, it could unfortunately be only a matter of time before cyber weapons affect users and systems in other countries. This is likely to cause a lasting impact, as they can remain active for months or years, even after the conflict has concluded.
Ensuring systems are hardened and remain patched against weaknesses remains a key priority for security teams.
How To Protect Your Organisation
The NCSC provided an up-to-date advisory guide on how to act following Russia’s attack on Ukraine. The advice is aimed at all sizes and sectors and helps businesses take actionable steps to improve their resilience in response to the heightened cyber threat.
Following the NCSC’s advice, we recommend that the following 6 security practices are implemented by all businesses that rely on technology:
- Implement multi-factor authentication on all accounts which are important to your business (work email, online banking, CRM systems etc.).
- Ensure employee devices (e.g., laptops, phones), business systems (websites, servers, cloud systems) and software/applications are using the latest version of software. Ideally, utilise automatic updates where possible to remove the need for manual patching intervention.
- Check backups for critical systems or data are set up properly and can be restored in an appropriate timescale. Remember, large backups which are stored online may take a long time to restore over an internet connection.
- Educate employees on cyber security threats such as phishing, ransomware etc., and ensure they know what to do when they see something suspicious.
- Sign up your organisation to the free NCSC “Early Warning Service” to ensure you are alerted to any vulnerabilities on your website or IP addresses.
- Have a security incident response plan ready. Be prepared for incidents beforehand, to help minimise the duration and impact of incidents.
For further information please review publications from the NCSC.
Kloudwerk works with you to help you keep the cyber criminals out. We offer affordable cyber security consultancy packages for business customers. Please visit our Cyber Consultancy page for more information.