Paul Chichester, NCSC Director of Operations, said:
The NCSC is committed to raising awareness of evolving cyber threats and presenting actionable steps to mitigate them. While we are unaware of any specific cyber threats to UK organisations in relation to events in Ukraine, we are monitoring the situation closely and it is vital that organisations follow the guidance to ensure they are resilient.
Over several years, we have observed a pattern of malicious Russian behaviour in cyberspace. Last week’s incidents in Ukraine bear the hallmarks of similar Russian activity we have observed before.
So, in essence, Russia has a track record of increasing cyber activity in times of tension. But why would they bother with UK businesses, particularly in the SME arena. Well, it’s not a stretch to think that if they can disrupt business and cause a bit of havoc, they actually disrupt the smooth running of the country and take focus away from the threat they are posing on the ground, whilst at the same time weakening our ability to respond.
The NCSC is investigating the recent reports of malicious cyber incidents in Ukraine. Incidents of this nature are similar to a pattern of Russian behaviour seen before in previous situations, including the destructive NotPetya attack in 2017 and cyber attacks against Georgia. The UK Government has attributed responsibility for both these attacks to the Russian Government.
It should be stressed that there is no specific threat to the UK currently in relation to the situation in the Ukraine, however it simply sensible to take whatever reasonable precautions you can, to safeguard your business and the UKs interests.
It is highly recommended that you take the following steps:
- Ensure all your desktops, servers and other devices are patched up to date.
- Ensure that your access controls are robust and up to date. Enable multi-factor authentication where practicable and have an effective incident response plan.
- Check that your backups will actually restore and that on-line defences are working as expected.
- Try to keep up to date with the latest threat information.
- Make your staff aware of the latest threats. Arguably the biggest quick win of all is Cyber Awareness Training for all staff, not just technical staff.