UK Concern Over Russian Cyber-Attacks

Companies in the UK have been urged to vastly improve their digital security processes amid concerns of a swath of potential Russian cyber-attacks that are circling the ongoing political crisis in Ukraine.

Updated Guidelines

The NCSC (National Cyber Security Centre), part of the GCHQ intelligence agency, has recently updated its guidelines to inform firms that it is essential to build resilience and stay ahead of all potential imminent threats.

UK organisations are now urged to bolster reinforced cyber security measures to combat malicious cyber-incidents in and around Ukraine. The NCSC has been investigating such incidents within Ukraine that are similar to patterns of Russian behaviour in previous instances but are yet to see any specific threats to UK organisations.

Following warnings issued to Russian President Vladimir Putin by the UK, US and EU for attacks on Ukraine and the deployment of 100,000 troops to its borders, the NCSC has high concerns that UK businesses could be targeted by specific attacks in the coming months.

Protecting Infrastructure

The current situation is being closely monitored and the issue of resilience by UK companies about protecting their infrastructure and adhering to guidance on protecting their businesses is now at a vital stage.

In early January, Ukraine government websites experienced a cyber-attack orchestrated by Russia, which warned the public to be afraid and expect the worst. Russia has been the focus of many malicious cyber-attacks over several years, which built up a recurring pattern that is directly linked to Ukraine’s cyber-attack.

The guidance, aimed primarily at the UK’s larger organizations, follows the NCSC’s warning to businesses in the critical national infrastructure. These include energy, water supply, transportation and telecommunications and include specific vulnerabilities that are prime targets for Russian hackers to exploit.

Ukraine Attack

In 2017, Ukraine was victim to a crippling Russian cyber-attack that erased entire computers throughout the country and reached other systems around the world – known as the NotPetya attack. The attack was able to gain access to computers by hacking a widely used tax reporting software, which affected foreign businesses based in the country as well as 60 other countries.

This attack was a piece of ransomware – where affected targets are held up for bitcoin to unlock their hard drives – but with no way of actually decrypting the affected files, resulting in a wiper attack.

Whilst some experts claim that an attack to the same level is unlikely within the UK, certain strategic targets are much more likely.

For more information on enterprise technology events and any upcoming cyber security conference, check out the upcoming events from Whitehall Media.