Ukraine crisis: Prepare for Russian cyber attacks, security chiefs warn British firms

Some of the suggested measures include patching systems as well as improving access controls and enabling multi-factor authentication

Benjamin Cooper
Friday 28 January 2022 08:24
British organisations have been warned to bolster their digital defences due to ‘malicious’ cyber incidents in Ukraine (Peter Byrne/PA)
British organisations have been warned to bolster their digital defences due to ‘malicious’ cyber incidents in Ukraine (Peter Byrne/PA)

British organisations have been warned to bolster their digital defences due to “malicious” cyber incidents in Ukraine

The National Cyber Security Centre (NCSC) has updated its guidance to UK firms and groups and said it is is investigating the recent reports of “malicious cyber incidents in Ukraine”.

The NCSC said it had not identified any current threats to the UK, but noted its updated guidance would allow organisations “to build resilience and stay ahead of potential threats”.

... we are monitoring the situation closely and it is vital that organisations follow the guidance to ensure they are resilient

NCSC's Paul Chichester

The centre’s director of operations, Paul Chichester, said: “The NCSC is committed to raising awareness of evolving cyber threats and presenting actionable steps to mitigate them.

“While we are unaware of any specific cyber threats to UK organisations in relation to events in Ukraine, we are monitoring the situation closely and it is vital that organisations follow the guidance to ensure they are resilient.

“Over several years, we have observed a pattern of malicious Russian behaviour in cyberspace. Last week’s incidents in Ukraine bear the hallmarks of similar Russian activity we have observed before.”

The updated guidance encourages organisations to reduce the risk of falling victim to a cyber attack by taking “actionable” steps.

These include patching systems, improving access controls and enabling multi-factor authentication, implementing an effective incident response plan, checking that backups and restore mechanisms are working, ensuring that online defences are working as expected, and keeping up to date with the latest threat and mitigation information.

Those organisations who do fall victim to a cyber attack are asked to report the incident to the NCSC’s incident management team.

Register for free to continue reading

Registration is a free and easy way to support our truly independent journalism

By registering, you will also enjoy limited access to Premium articles, exclusive newsletters, commenting, and virtual events with our leading journalists

Already have an account? sign in

By clicking ‘Register’ you confirm that your data has been entered correctly and you have read and agree to our Terms of use, Cookie policy and Privacy notice.

This site is protected by reCAPTCHA and the Google Privacy policy and Terms of service apply.

Thank you for registering

Please refresh the page or navigate to another page on the site to be automatically logged inPlease refresh your browser to be logged in