The crisis in Ukraine has prompted the Ministry of Defence (MOD) to remind its partners and the defence supply chain to revisit the strength of their cyber security in readiness for any potential attack from Russia.
Russia has a reputation for carrying out cyber-attacks and a number of leading organisations have updated their guidance in light of the escalating military action in Eastern Europe.
The message comes from Director General Commercial at the MOD, Andrew Forzani, who has highlighted a number of key organisations’ recent guidance updates and recommended reiterating the importance of cyber vigilance across all levels of operation.
The National Cyber Security Centre (NCSC)
The National Cyber Security Centre (NCSC) has updated its guidance to UK companies and organisations and is urging UK organisations to bolster their cyber security resilience in response to the recent reports of malicious cyber incidents in and around Ukraine.
The NCSC is investigating these recent reports, which follow a similar pattern of Russian behaviour seen in previous situations such as the NotPetya attack in 2017 and cyber-attacks against Georgia.
What does the NCSC advise?
While the NCSC has stated it has no knowledge of any current specific threats to UK organisations in relation to the situation in Ukraine, organisations are being encouraged to take steps that will reduce the risk of their falling victim to an attack.
These include:
- patching systems
- improving access controls and enabling multi-factor authentication
- implementing an effective incident response plan
- checking back-ups and restore mechanisms are working
- ensuring that online defences are working as expected
- keeping up to date with the latest threat and mitigation information.
Paul Chichester, NCSC Director of Operations, said: “The NCSC is committed to raising awareness of evolving cyber threats and presenting actionable steps to mitigate them. While we are unaware of any specific cyber threats to UK organisations in relation to events in Ukraine, we are monitoring the situation closely and it is vital that organisations follow the guidance to ensure they are resilient.
“Over several years, we have observed a pattern of malicious Russian behaviour in cyberspace. Last week’s incidents in Ukraine bear the hallmarks of similar Russian activity we have observed before.”
The Centre for the Protection of National Infrastructure (CPNI)
The Centre for the Protection of National Infrastructure (CPNI) has also published advice for organisations in light of the recent tensions.
They are urging organisations to undertake a review of their existing risk assessment to understand any increased insider risks, which should help to form a response to managing these threats.
These include tightening any vetting processes and to advise staff of their responsibilities to disclose any personal connections or circumstances such as recent travel to the Ukraine region which could potentially compromise the security of an organisation. This also means educating staff as to how they may be at risk – including being targeted on social media platforms or phishing scams.
Promoting a strong security message – internally and externally – is also recommended, to help thwart any hostile intentions.
Protecting the supply chain
The CPNI have also provided guidance to those organisations whose supply chain may be directly or indirectly targeted during the political instability and conflict.
The advice is to increase resilience against the threat by optimising supply chain defences, incident management and business continuity capability.
A number of areas could be used to disrupt the supply chain with cyber providing a significant threat.
The CPNI warn that an attack on cyber infrastructure could be carried out to undermine confidence in your organisation, create disruption or gain insight into business activity which enables further disruptive activity such as the exploitation of insiders.
Russia or other cyber criminals could also potentially use methods such as ransomware, which may impact your organisation even if it wasn’t the original intention.
The CPNI recommends a number of measures to combat the threat.
These include:
- Having visibility of your organisations’ high-risk and critical suppliers, including those who need to become more security mature
- Checking if you have given system administration rights to any supplier(s). If so, investigate to see if it is essential to fulfil their task
- Provide suppliers with only the access to information that is strictly necessary for their operation. Remember to revoke access rights for those suppliers that no longer require access
Looking for further guidance on how to strengthen your cyber security?
If you are keen to learn more about how you can improve your company’s cyber resilience, why not register for your free place at next week’s webinar, which is being hosted by Cohesity. Taking place on 2 March, the session will provide expert advice on how to mitigate ransomware attacks and how to define a cyber resilience strategy.
Register your place here.
If you would like to join our community and read more articles like this then please click here
Ministry of Defence MOD Ukraine
Post written by: Matt Brown
RELATED ARTICLES
October 18, 2024
Homeland - MoD releases new Global Strategic Trends Analysis
The Ministry of Defence (MOD) has published the seventh edition of its Global Strategic Trends: Out to 2055, offering a
October 17, 2024
Homeland - Defence contractors compliance with SSRO under scrutiny
The latest Compliance Bulletin evaluates how effectively defence contractors are adhering to the regulations for reporting on non-competitive, or single
