U.K. organizations are being urged to bolster their cybersecurity resilience in response to the malicious cyber incidents in and around Ukraine.
It comes after the National Cyber Security Centre (NCSC), which is part of GCHQ, updated its guidance to U.K. companies and organizations last week.
The NCSC is investigating the recent reports of malicious cyber incidents in Ukraine. Incidents of this nature are similar to a pattern of Russian behavior seen before in previous situations, including the destructive NotPetya attack in 2017 and cyber attacks against Georgia. The U.K. government has attributed responsibility for both these attacks to the Russian Government.
While the NCSC is not aware of any current specific threats to U.K. organizations in relation to events in and around Ukraine, the guidance encourages organizations to follow actionable steps that reduce the risk of falling victim to an attack, including:
- patching systems;
- improving access controls and enabling multi-factor authentication;
- implementing an effective incident response plan;
- checking that backups and restore mechanisms are working;
- ensuring that online defenses are working as expected, and;
- keeping up to date with the latest threat and mitigation information.
Paul Chichester, NCSC Director of Operations, said NCSC is monitoring the situation closely and that it is vital that organizations follow the guidance to ensure they are resilient.
“Over several years, we have observed a pattern of malicious Russian behavior in cyberspace,” Chichester said. “Last week’s incidents in Ukraine bear the hallmarks of similar Russian activity we have observed before.”
The guidance, which is primarily aimed at larger organizations, also advises organizations which fall victim to a cyber attack to report the incident to the NCSC’s 24/7 Incident Management team.