CONNECTING THE DEFENCE COMMUNITY WITH INSIGHT, INTELLIGENCE & OPPORTUNITIES

Officially Supported By: Defence Contracts International Supply2Defence

Official Media Partners for:

The crisis in Ukraine has prompted the Ministry of Defence (MOD) to remind its partners and the defence supply chain to revisit the strength of their cyber security in readiness for any potential attack from Russia.

Russia has a reputation for carrying out cyber-attacks and a number of leading organisations have updated their guidance in light of the escalating military action in Eastern Europe.

The message comes from Director General Commercial at the MOD, Andrew Forzani, who has highlighted a number of key organisations’ recent guidance updates and recommended reiterating the importance of cyber vigilance across all levels of operation.

The National Cyber Security Centre (NCSC)

The National Cyber Security Centre (NCSC) has updated its guidance to UK companies and organisations and is urging UK organisations to bolster their cyber security resilience in response to the recent reports of malicious cyber incidents in and around Ukraine.

The NCSC is investigating these recent reports, which follow a similar pattern of Russian behaviour seen in previous situations such as the NotPetya attack in 2017 and cyber-attacks against Georgia.

What does the NCSC advise?

While the NCSC has stated it has no knowledge of any current specific threats to UK organisations in relation to the situation in Ukraine, organisations are being encouraged to take steps that will reduce the risk of their falling victim to an attack.

These include:

  • patching systems
  • improving access controls and enabling multi-factor authentication
  • implementing an effective incident response plan
  • checking back-ups and restore mechanisms are working
  • ensuring that online defences are working as expected
  • keeping up to date with the latest threat and mitigation information.

Paul Chichester, NCSC Director of Operations, said: “The NCSC is committed to raising awareness of evolving cyber threats and presenting actionable steps to mitigate them. While we are unaware of any specific cyber threats to UK organisations in relation to events in Ukraine, we are monitoring the situation closely and it is vital that organisations follow the guidance to ensure they are resilient. 

“Over several years, we have observed a pattern of malicious Russian behaviour in cyberspace. Last week’s incidents in Ukraine bear the hallmarks of similar Russian activity we have observed before.”

The Centre for the Protection of National Infrastructure (CPNI)

The Centre for the Protection of National Infrastructure (CPNI) has also published advice for organisations in light of the recent tensions.

They are urging organisations to undertake a review of their existing risk assessment to understand any increased insider risks, which should help to form a response to managing these threats.

These include tightening any vetting processes and to advise staff of their responsibilities to disclose any personal connections or circumstances such as recent travel to the Ukraine region which could potentially compromise the security of an organisation. This also means educating staff as to how they may be at risk – including being targeted on social media platforms or phishing scams.

Promoting a strong security message – internally and externally – is also recommended, to help thwart any hostile intentions.

Protecting the supply chain

The CPNI have also provided guidance to those organisations whose supply chain may be directly or indirectly targeted during the political instability and conflict.

The advice is to increase resilience against the threat by optimising supply chain defences, incident management and business continuity capability.

A number of areas could be used to disrupt the supply chain with cyber providing a significant threat.

The CPNI warn that an attack on cyber infrastructure could be carried out to undermine confidence in your organisation, create disruption or gain insight into business activity which enables further disruptive activity such as the exploitation of insiders.

Russia or other cyber criminals could also potentially use methods such as ransomware, which may impact your organisation even if it wasn’t the original intention.

The CPNI recommends a number of measures to combat the threat.

These include:

  • Having visibility of your organisations’ high-risk and critical suppliers, including those who need to become more security mature
  • Checking if you have given system administration rights to any supplier(s). If so, investigate to see if it is essential to fulfil their task
  • Provide suppliers with only the access to information that is strictly necessary for their operation. Remember to revoke access rights for those suppliers that no longer require access

Looking for further guidance on how to strengthen your cyber security?

If you are keen to learn more about how you can improve your company’s cyber resilience, why not register for your free place at next week’s webinar, which is being hosted by Cohesity. Taking place on 2 March, the session will provide expert advice on how to mitigate ransomware attacks and how to define a cyber resilience strategy.

Register your place here.

 

If you would like to join our community and read more articles like this then please click here

Ministry of Defence MOD Ukraine

Post written by: Matt Brown

LATEST STAKEHOLDER

Become a Stakeholder today and benefit from an exclusive marketing package which will allow you to:

  • Engage with active defence buyers and key supply chain partners
  • Create your own branded micro-site which within Defence Online which is managed by you
  • Have a dedicated Digital Account Manager to help enhance your Stakeholder page
  • Promote your news, products, press releases, eBooks and Videos as a Defence Online partner which feeds through to our homepage and social media channels
  • Have your company promoted on our partner website Defence Contracts Online (DCO)
  • All news promoted in mynewsdesk, a major hub for all of our news articles which enables news to be picked up from trade magazines, national newspapers and many other publications which offers extra exposure at no additional cost!

Contact us today or call us on 0845 557 1315 to take advantage of this exclusive marketing package


RELATED ARTICLES

The Ministry of Defence (MOD) has published the seventh edition of its Global Strategic Trends: Out to 2055, offering a comprehensive analysis of long-term global trends with significant implications for the defence sector.

October 18, 2024

Homeland - MoD releases new Global Strategic Trends Analysis

The Ministry of Defence (MOD) has published the seventh edition of its Global Strategic Trends: Out to 2055, offering a

DPRTE partner DIO awards £1.6bn contracts to upgrade UK Defence estate

October 17, 2024

Homeland - Defence contractors compliance with SSRO under scrutiny

The latest Compliance Bulletin evaluates how effectively defence contractors are adhering to the regulations for reporting on non-competitive, or single