UK organisations encouraged to take action in response to current situation in and around Ukraine

1643988621726 cybersecurity

The NCSC is investigating the recent reports of malicious cyber incidents in Ukraine. Incidents of this nature are similar to a pattern of Russian behaviour seen before in previous situations, including the destructive NotPetya attack in 2017 and cyber attacks against Georgia. The UK Government has attributed responsibility for both these attacks to the Russian Government.

While the NCSC is not aware of any current specific threats to UK organisations in relation to events in and around Ukraine, the guidance encourages organisations to follow actionable steps that reduce the risk of falling victim to an attack, including:

  • patching systems;
  • improving access controls and enabling multi-factor authentication;
  • implementing an effective incident response plan;
  • checking that backups and restore mechanisms are working;
  • ensuring that online defences are working as expected, and;
  • keeping up to date with the latest threat and mitigation information.

The guidance, also advises organisations which fall victim to a cyber attack to report the incident to the NCSC’s 24/7 Incident Management team.

This advice is the basis for good Cyber Hygiene which I would hope to see in all businesses. If you require advice or assistance with any of this please don’t hesitate to get in touch with me directly or with the cybersecurity team at [email protected].

More information can be found here: www.ncsc.gov.uk or CyberNews

Related Posts

  • Understanding the dangers of ‘Permission Creep’

    Understanding the dangers of ‘Permission Creep’

    Cybersecurity

    This blog post explains what permission creep is, how it can expose sensitive data to unauthorised users, and what steps an organisation can take to prevent permission creep. [...]

    Read article

  • Using cybersecurity training to reduce an organisation’s risk of a cyberattack.

    Using cybersecurity training to reduce an organisation’s risk of a cyberattack.

    Cybersecurity

    Cybersecurity training is an important tool for organisations to prevent and mitigate cyberattacks, we explore the types of training available to organisations. [...]

    Read article

  • The risks of ChatGPT, and the Rise of AI.

    The risks of ChatGPT, and the Rise of AI.

    Cybersecurity

    Artificial intelligence (AI) is a game-changing technology in this blog we explore the risks and benefits of using AI-powered language models such as ChatGPT [...]

    Read article

  • How secure is MFA based on SMS and Voice calls?

    How secure is MFA based on SMS and Voice calls?

    Cybersecurity

    In this blog ramsac's cybersecurity expert Voke Augoye explores how secure Multi-factor authentication is when using SMS and voice calls. [...]

    Read article

  • Microsoft Office – High Severity Vulnerability

    Microsoft Office – High Severity Vulnerability

    Cybersecurity

    Earlier this month Microsoft announced there was a High Severity vulnerability affecting Microsoft Office products. In this blog we explain what the vulnerability is and how to protect against it. [...]

    Read article

  • EDR, MDR, XDR, SIEM, SOC – understanding the jargon in cybersecurity monitoring

    EDR, MDR, XDR, SIEM, SOC – understanding the jargon in cybersecurity monitoring

    Cybersecurity

    The cybersecurity product market is full of acronyms which can make it hard to determine what security monitoring services you need, and what benefits you get from them, this [...]

    Read article