UK firms are being urged to check their cyber defences by spy agency GCHQ amid concerns over potential Russian cyber attacks linked to growing tensions with Ukraine.
The National Cyber Security Centre (NCSC), which is part of the UK’s signals intelligence body GCHQ, updated its guidance to UK firms and groups on Friday, and said it is investigating the recent reports of “malicious cyber incidents in Ukraine”.
“While we are unaware of any specific cyber threats to UK organisations in relation to events in Ukraine, we are monitoring the situation closely and it is vital that organisations follow the guidance to ensure they are resilient,” the NCSC’s director of operations, Paul Chichester, said.
The warning follows a series of cyber attacks in Ukraine, suspected to have involved Russia, which Moscow denies.
“Over several years, we have observed a pattern of malicious Russian behaviour in cyber space. Last week’s incidents in Ukraine bear the hallmarks of similar Russian activity we have observed before,” Chichester added.
The guidance, which is primarily aimed at larger organisations, comes after the NCSC warned businesses in the UK’s critical national infrastructure – such as energy, water supply, transportation and telecommunications – about specific vulnerabilities Russian hackers have been known to exploit.
The updated guidance encourages organisations to reduce the risk of falling victim to a cyber attack by taking “actionable” steps, which include patching systems; improving access controls and enabling multi-factor authentication; implementing an effective incident response plan; checking that backups and restoration mechanisms are working; ensuring that online defences are working as expected, and keeping up to date with the latest threat and mitigation information.
Those organisations who do fall victim to a cyber attack are asked to report it to the NCSC’s incident management team.