Cyber unit instructs organisations that the time has come to ‘take action’ after attacks in Ukraine
The National Cyber Security Centre has instructed UK business to take urgent action to bolster their IT defences to best protect against potential cyberthreats from Russia.
The warning comes in light of growing tensions between leaders over Ukraine, and the potential threat posed by Russian troops that were recently moved close to the country’s borders.
The NCSC claims that recent weeks have also brought a spate of “malicious cyber incidents in and around Ukraine”. Over the last few years, the GCHQ-based cyber unit has joined overseas counterparts and government ministers in repeatedly calling out attacks attributed to Russian authorities.
The incidents seen in Ukraine in recent weeks “fit with the pattern of Russian behaviour previously observed”, it said.
The centre said that it is “not aware of any current specific threats to UK organisations in relation to events in and around Ukraine” but has updated its guidance to encourage UK organisations – particularly large companies – to take immediate steps to increase their cyber resilience.
Recommended measures include: “patching systems; improving access controls and enabling multi-factor authentication; implementing an effective incident response plan; checking that back-ups and restore mechanisms are working; ensuring that online defences are working as expected; and keeping up to date with the latest threat and mitigation information”.
Any organisations that believe they have suffered a cyberattack are instructed to contact the NCSC’s incident management team, which operates around the clock.
“The NCSC is committed to raising awareness of evolving cyberthreats and presenting actionable steps to mitigate them,” said the centre’s director of operations Paul Chichester. “While we are unaware of any specific cyberthreats to UK organisations in relation to events in Ukraine, we are monitoring the situation closely and it is vital that organisations follow the guidance to ensure they are resilient. Over several years, we have observed a pattern of malicious Russian behaviour in cyberspace. [Recent] incidents in Ukraine bear the hallmarks of similar Russian activity we have observed before.”