Earlier this month, a cyberattack targeted 70 Ukrainian government ministries and even pushed several websites offline. Russia has denied its involvement in the incident.
NCSC Urges Firms to be Ready for Any Spillover from Ukraine Cyber Attack
The National Cyber Security Centre (NCSC) is the public-facing arm of the Government Communications Headquarters (GCHQ). Its officials are assisting the Ukrainian government in investigating the attack. Based on this experience, the NCSC has issued a guidance to help British firms become resilient to potential attacks. At the moment, there is no evidence of any specific threat to British organizations. However, the NCSC aims for firms to be prepared in case the cyber attack spreads outside Ukraine. “While we are unaware of any specific cyber threats to UK organizations in relation to events in Ukraine, we are monitoring the situation closely and it is vital that organizations follow the guidance to ensure they are resilient,” Paul Chichester, NCSC’s director of operations, stated. “Over several years, we have observed a pattern of malicious Russian behavior in cyberspace. Last week’s incidents in Ukraine bear the hallmarks of similar Russian activity we have observed before,” Chichester added. Previously, the UK and the US accused Russian military intelligence of carrying out the NotPetya attack against Ukrainian IT systems. Consequently, the malware spread across 64 other nations including the UK.
Actionable Steps for Firms to Reduce Attack Risk
The NCSC’s guidance contains actionable steps for British firms. These steps will help reduce their risk of compromise. Some of the actionable steps include:
Patching relevant systems Making improvements to access controls Enabling multi-factor authentication Preparing and implementing a comprehensive incident response plan Ensuring backups and restore mechanisms are functioning properly Making sure online defense mechanisms are functioning properly Staying informed about the latest threat and mitigation data and protocols
The guidance is primarily for larger organizations. Furthermore, any organization that falls prey to an attack is advised to contact the NCSC’s 24/7 Incident Management team. Cybersecurity is equally important to smaller businesses. Nowadays, it is crucial for most businesses to have an online presence in some capacity. However, there are a variety of security concerns that can disrupt operations. These can vary from phishing and ransomware attacks to business email compromises. If you run a small business and want to learn more about how to improve cybersecurity, check out our beginner’s guide here.