Organisations urged to bolster their cyber security resilience

The National Cyber Security Centre is urging UK organisations to bolster their cyber security resilience in response to the malicious cyber incidents in and around Ukraine.

Having updated its guidance to UK companies and organisations last week, the NCSC has said that it is investigating the recent reports of malicious cyber incidents in Ukraine. Incidents of this nature are similar to a pattern of Russian behaviour seen before in previous situations, including the destructive NotPetya attack in 2017 and cyber attacks against Georgia. The UK government has attributed responsibility for both these attacks to the Russian Government.

While the NCSC is not aware of any current specific threats to UK organisations in relation to events in and around Ukraine, the guidance encourages organisations to follow actionable steps that reduce the risk of falling victim to an attack, including: patching systems; improving access controls and enabling multi-factor authentication; and implementing an effective incident response plan;.

Paul Chichester, NCSC Director of Operations, said: “The NCSC is committed to raising awareness of evolving cyber threats and presenting actionable steps to mitigate them. While we are unaware of any specific cyber threats to UK organisations in relation to events in Ukraine, we are monitoring the situation closely and it is vital that organisations follow the guidance to ensure they are resilient.

“Over several years, we have observed a pattern of malicious Russian behaviour in cyberspace. Last week’s incidents in Ukraine bear the hallmarks of similar Russian activity we have observed before.”