How the Russia-Ukraine conflict could affect your business

Cyber attack activity surrounding Ukraine and Russia has increased dramatically since the Russian invasion. Here are our recommendations on how to remain resilient to increased levels of cyber threats.

How the Russia-Ukraine conflict could affect your business

Since the conflict arose in February of 2022, there have been extensive warnings from government agencies and media outlets. Here are our recommendations on how to remain resilient to increased levels of cyber threats.

What is happening?
As a result of the conflict, an increased level of cyber threat has been declared by the UK National Cyber Security Centre (NCSC). In addition, warnings are also being shared by the Financial Conduct Authority (FCA) advising businesses to ensure “business continuity and incident management arrangements are up to date”.


Whilst we’re not directly involved with the conflict, this does not mean we are not at risk from the increased cyber threats.

The NCSC recently warned UK critical national infrastructure is being targeted by Russia’s Federal Security Service (FSB). They uncovered attack attempts against the UK’s energy sector and have also reported the FSB have been targeting the US aviation sector in “sophisticated attacks”. In one incident the NCSC were able to detect and prevent, they uncovered a potential malware attack against a chemical plant:

“The malware was designed to give the actors complete control of infected systems and had the capability to cause significant impact, possibly including the release of toxic gas or an explosion – either of which could have resulted in loss of life and physical damage to the
facility.”

These are the first publicly identified high profile cyber-attacks on the Western front, which has been widely reported and expected since the start of the conflict.

Malware Spillage Past Borders

Due to the inherent nature of malware and its lack of geographical limitations, it could unfortunately be only a matter of time before cyber weapons affect users and systems in other countries. This is likely to cause a lasting impact, as they can remain active for months or years, even after the conflict has concluded.

Ensuring systems are hardened and remain patched against weakness remains a key priority for security teams

How To Protect Your Organisation

The NCSC provided an up-to-date advisory guide on how to act following Russia’s attack on Ukraine. The advice is aimed at all sizes and sectors and helps businesses take actionable steps to improve their resilience in response to the heightened cyber threat. 

Following the NCSC’’s advice, we recommend the following 6 security practices are implemented for all business who rely on technology:
 
  1.  Implement multi-factor authentication on all accounts which are important to your business (work email, online-banking, CRM systems etc.)
  2.  Ensure employee devices (e.g., laptops, phones), business systems (websites, servers, cloud systems) and software/applications are using the latest version of software. Ideally, utilise automatic updates where possible to remove the need for manual patching intervention.
  3. Check backups for critical systems or data are set up properly and can be restored in an appropriate timescale. Remember, large backups which are stored online may will take a long-time to restore over an internet connection..
  4.  Educate employees on cyber security threats such as phishing, ransomware etc. And ensure they know what to do when they see something suspicious.
  5.  Sign up your organisation to the free NCSC “Early Warning Service” to ensure you are alerted to any vulnerabilities on your website or IP addresses. 
  6.  Have a security incident response plan ready. Be prepared for incidents beforehand, to help minimise the duration and impact of incidents. 

For further information please review publications from the NCSC.

Kloudwerk works with you to help you keep the cyber criminals out. We offer affordable cyber security consultancy packages for business customers.  Please visit our Cyber Consultancy page for more information.

Share:

Facebook
Twitter
Pinterest
LinkedIn

Leave a Reply

Your email address will not be published.

On Key

Related Posts

WEBSITE SECURITY REPORT

GOLD

Imagine you own a house and want to add an additional floor. First you have to review and strengthen the foundations. This service builds cybersecurity foundations to facilitate growth in a resilient, timely manner.

This service will also provide the company with a cybersecurity risk assessment and improvement plan but with significantly more support from a senior consultant to help the company embed improvements in a continuous, timely manner

SILVER

The dreaded car MOT is looming. It’s the unforeseen wear & tear that results in some necessary annual maintenance. Our cybersecurity review will highlight what needs to be done as your engineers.

In addition to the context gathering stage and security footprinting service, a senior consultant will perform a risk assessment to understand the company’s cyber risks and provide recommendations. They will also be available to undertake monthly calls for answering questions, providing guidance and checking on whether risks are reducing.

BRONZE

You’re embarking on a more active lifestyle, chosen to go on a diet and get in shape. Think of this service as the cybersecurity equivalent of the personal trainer, helping you along the way.

After an initial context gathering stage, a junior security consultant will be available once per month to answer questions and provide recommendations based on company goals and activities. A cybersecurity footprinting service will allow the company to continuously monitor its external security posture.

Add Your Heading Text Here

Lorem ipsum dolor sit amet, consectetur adipiscing elit. Ut elit tellus, luctus nec ullamcorper mattis, pulvinar dapibus leo.

Add Your Heading Text Here

Lorem ipsum dolor sit amet, consectetur adipiscing elit. Ut elit tellus, luctus nec ullamcorper mattis, pulvinar dapibus leo.