Ukraine crisis: Guidance on strengthening your cybersecurity

Guidance on strengthening your cybersecurity Guidance on strengthening your cybersecurity Guidance on strengthening your cybersecurity
Photo of Oliver Pinson-Roxburgh

Oliver Pinson-Roxburgh

CEO and Co-Founder

2nd March 2022

Russian hackers targeting UK businesses

Cyberwarfare is a present-day threat when conflict between two nations develop, with cyberattacks targeting government departments, banks and communication networks, alongside a military invasion. Threats can disable computer systems, spread disinformation, or used for espionage, all of which can extend beyond the feuding nations.

As the Ukrainian crises deepens, UK organizations could be caught in the crossfire as hackers scour servers for vulnerabilities to exploit. We discovered an increase in malicious cyber activity and attacks emanating from Russia on 20th January 2022 concerning Russian-based IP addresses that were targeting UK’s financial institutions scanning for vulnerabilities. Of course, any weaknesses detected by hackers are an opportunity to conduct more debilitating attacks. For example, the DDoS attacks that took place on Ukrainian organizations on February 15th and 16th that were attributed to Russian hackers. Any NATO sanctions on Russia since invading Ukraine may trigger retaliatory cyberattacks on NATO allies, including the UK. So, it’s paramount businesses strengthen their cyber resilience against potential threats that may arise from the conflict and exercise good cybersecurity practice.

UK businesses warned to strengthen their cyber defenses

The National Cyber Security Centre (NCSC) has given a stark warning to organizations to strengthen their cyber defenses since the DDoS attacks on Ukraine, and ahead of any forthcoming cyberattacks. The Cybersecurity and Infrastructure Security Agency (CISA) also issued ‘Shields Up’ guidance to all organizations in the US with recommendations to increase their cybersecurity posture. The guidance includes advice for organizations on how to reduce the risks of a data breach by maximising their cyber resilience, taking swift action to detect cyber intrusions, and preparing incident response teams ahead of potential attacks.

Defense.com has already noticed some of our customers in financial and insurance sectors being targeted with attempted attacks since the rise in tensions between Russia and Ukraine. When threat levels are raised, it’s advised to be proactive in securing systems to reduce exposure and minimize the risk of a cyber attack. Here are some fundamental actions organizations should prioritize to ensure their security posture is robust:

Actions to avert cybersecurity risks

Assess your vulnerabilities

Assess and prioritize vulnerabilities that need to be fixed immediately and could have the biggest impact on the organization if exploited. Consider the costs and availability of resources required to fix issues to avoid prolonged system downtime. For a more comprehensive assessment of your threat landscape, a penetration test will enable you to understand where your vulnerabilities lie and provide guidance on how to fix any flaws before a threat actor can take advantage of them.

Review your access controls

Stronger access controls should be implemented to prevent unauthorized access to your IT network. If third parties have access to your systems or cloud, it is essential you understand their level of privilege and what they can access to safeguard against the threat of a breach that impacts your data. Every employee needs training to understand the importance of strong passwords and how critical these are to the security of business and personal data. Implementing multi-factor authentication (MFA) is advised to further strengthen your security posture and reduce the risk of hackers gaining access to privileged accounts.

Incident response plan

The damage from a cyber attack can be minimized with a well-structured incident response plan. If you already have an incident response plan in place, ensure that it is up to date, the roles and responsibilities of key personnel are clearly defined, and that both the escalation methods and contact details for key stakeholders are listed and accurate.

System patching

Manage your risk by ensuring all devices, operating systems, and applications are patched. Unpatched systems are at risk of being exploited by hackers using known vulnerabilities. If systems and applications are not updated, businesses are highly susceptible to cyberattacks and data breaches.

Back up data

Regularly back up data to avoid cyber threats such as malware and ransomware. Storing backup data offline for example, is a way of isolating it from its live environment while keeping it protected from cyberattacks. This means that any cybersecurity incident threatening your live environment will not affect the backup data, giving you greater peace of mind that business-critical data can be restored in the event of a cyber attack.

Brief your organization

Inform your employees and wider organization, including partners, customers, and third-party suppliers on how current events could pose a risk to the business and what the company is doing to protect business-critical and customer data. This will give all stakeholders greater peace of mind that your business is proactive in dealing with potential threats and that your cybersecurity is robust.

A proactive approach to stay ahead of the hackers

The increase in Russian-related cyber activity detected early this year, which will likely increase since Russia’s invasion of Ukraine, is a signal for organizations to secure their networks and data before more cyberattacks begin to surface. Strong cybersecurity resilience is key to safeguarding your network and infrastructure against cyber threats. Following these key approaches and reviewing your existing security policies and procedures will help to mitigate current cybersecurity risks and stay one step ahead of the hackers.

Start protecting your business today with a free trial

Get in touch today to start your free trial of Defense.com™ and discover how we can help you take the stress out of your cybersecurity.

Subscribe

Get actionable cyber security advice and insights straight to your inbox.