The UK’s National Cyber Security Centre (NCSC) urges organizations to improve cybersecurity due to the risk of imminent destructive cyberattacks from Russia-linked APT groups.
The NCSC is investigating recent cyber attacks against entities in Ukraine making parallelism with other attacks preciously attributed to Moscow, such as NotPetya (2017) and cyber attacks against Georgia.
“UK organisations are being urged to bolster their cyber security resilience in response to the malicious cyber incidents in and around Ukraine. ” reads the alert published by the NCSC.
While the tension between Ukraine and Russia is rising, the risks of cyber attacks against European and US entities is increasing
NCSC’s guidance encourages organizations to perform the following actions to increase their resilience to cyber attacks:
- patch systems;
- improve access controls and enabling multi-factor authentication;
- implement an effective incident response plan;
- check that backups and restore mechanisms are working;
- ensure that online defences are working as expected, and;
- keep up to date with the latest threat and mitigation information.
The good news is that the UK cybersecurity agency is not aware of any current specific threats to UK organisations linked to the events in Ukraine.
Previous known cyberattacks from Russia
“The NCSC is committed to raising awareness of evolving cyber threats and presenting actionable steps to mitigate them. While we are unaware of any specific cyber threats to UK organisations in relation to events in Ukraine, we are monitoring the situation closely and it is vital that organisations follow the guidance to ensure they are resilient.”Paul Chichester, NCSC Director of Operations.
“Over several years, we have observed a pattern of malicious Russian behaviour in cyberspace. Last week’s incidents in Ukraine bear the hallmarks of similar Russian activity we have observed before.”Paul Chichester, NCSC Director of Operations.
Recently the UK agency released NMAP Scripting Engine scripts that can help defenders to scan their infrastructure to find and fix unpatched vulnerabilities impacting them.
The scripts were developed by i100 (Industry 100), an initiative that promotes close collaborative working between the NCSC and 100 industry personnel.
The scripts will be published on GitHub through a project named Scanning Made Easy (SME).
Read more on Cyberattacks from Russia
You may also enjoy reading, The largest DDoS to date, Microsoft mitigates a 3.47 Tbps DDoS attack
Stay informed of the latest Cybersecurity trends, threats and developments. Sign up for RiSec Weekly Cybersecurity Newsletter Today
Remember, CyberSecurity Starts With You!
- Globally, 30,000 websites are hacked daily.
- 64% of companies worldwide have experienced at least one form of a cyber attack.
- There were 20M breached records in March 2021.
- In 2020, ransomware cases grew by 150%.
- Email is responsible for around 94% of all malware.
- Every 39 seconds, there is a new attack somewhere on the web.
- An average of around 24,000 malicious mobile apps are blocked daily on the internet.
- UK bans Chinese CCTV cameras at ‘sensitive’ government locations - 26 November 2022
- Chrome Update: Exploited Zero-Day Vulnerability fixed by Google, the 8th this year - 25 November 2022
- RESEARCH: analytics information related to iPhones include a Directory Services Identifier (DSID) that may be used to identify users - 24 November 2022