Cyber Fall-out from Russia – Ukraine Conflict | Protect Yourself & Your Organisation.

Cyber Fall-out from Russia – Ukraine Conflict

On the 28th of January, the NCSC issued a statement warning British organisations of potential spill-over from the rampant malicious cyber-attacks in and around Ukraine in the lead up to the Russian invasion.

We want to echo and support their call to preparation by providing brief, top-level details on basic and advanced practices that can fortify yourself and your organisation against potential threats.

NCSC Cyber Essentials

Keep your systems up to date.

  • Operating systems on devices.
  • Third-party software: apps, web browsers, and extensions.
  • Firmware.
  • Internet-facing services.
  • Business systems.

Keeping everything updated makes it far more difficult for attackers to compromise devices and systems. Developers regularly review the products or services they support. In doing so, they identify security vulnerabilities, bugs, and opportunities to improve performance. A critical practice is to back up your data before an update to avoid possible complications.

You can monitor the status of updates through MDM logs. It is also possible to restrict access to data for devices that are not up to date.

Update & Secure Passwords

  • Ensure that passwords across your organisation are unique and not used for any outside sources.
  • Set up multi-factor authentication where possible and check the configuration.
  • Remove any old and idle accounts that have access to a system, especially accounts with privileged access.
  • Review the entire systems admin structure to identify vulnerabilities.
  • Password managers: using a reputable password manager that can generate and save robust passwords is recommended. When opening an account with a password manager, using a secure email address that is removed from general use is also encouraged.
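
One way to run the account review described in the list above, as an added example (not code from the NCSC or from this page's author). The CSV column names, the 90-day idle threshold, the review date and the sample rows are assumptions constructed for illustration.

```python
import csv
import io
from datetime import date, datetime

# Constructed sample export; the column names are assumptions, not a real product's format.
SAMPLE_EXPORT = """username,last_login,privileged,mfa_enabled
alice,2022-02-20,no,yes
bob,2021-09-01,no,yes
svc-backup,2021-06-15,yes,no
carol,2022-02-25,yes,no
dave,,no,no
"""

def audit_accounts(export_text, today, idle_days=90):
    """Return (finding, username, privileged, detail) tuples, privileged accounts first."""
    findings = []
    for row in csv.DictReader(io.StringIO(export_text)):
        user = row["username"].strip()
        privileged = row["privileged"].strip().lower() == "yes"
        mfa = row["mfa_enabled"].strip().lower() == "yes"
        last = row["last_login"].strip()
        if not last:
            # An account with no recorded login is reported separately from idle ones.
            findings.append(("never-used", user, privileged, "no recorded login"))
        else:
            age = (today - datetime.strptime(last, "%Y-%m-%d").date()).days
            if age > idle_days:  # idle_days is an assumed policy threshold
                findings.append(("idle", user, privileged, f"{age} days since login"))
        if not mfa:
            findings.append(("no-mfa", user, privileged, "MFA not enabled"))
    # Privileged accounts sort to the top so they are reviewed first.
    findings.sort(key=lambda f: (not f[2], f[1], f[0]))
    return findings

if __name__ == "__main__":
    # The review date is fixed so the constructed sample gives repeatable output.
    for kind, user, privileged, detail in audit_accounts(SAMPLE_EXPORT, date(2022, 3, 1)):
        tag = "PRIVILEGED" if privileged else "standard"
        print(f"{tag:10} {user:12} {kind:10} {detail}")
```

Each finding is a prompt for a human decision (remove, disable, or enrol in multi-factor authentication), not an automatic deletion.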

Review Third-Parties

Organisations can often be interconnected. Make sure you audit third-party access to your systems.

  • Remove any expired access.
  • Communicate with the organisation about their security practices.
  • Understand the access entirely – the privilege, and who has it.

Third-party reviews are especially important in critical infrastructure organisations such as healthcare, finance, agriculture, and more.

Data Protection – Review Backups

  • Testing data restoration can prevent future problems if there is a malfunction.
  • Keep air-gapped backups and storage of any highly sensitive data.
  • Review and renew your cloud storage architecture.

Phishing

Training staff to identify and report phishing emails, calls, malware, and other threats can significantly reduce the likelihood of an unsuspecting member of staff compromising security. Phishing is one of the most common adversary tactics and can come in various forms.

Incident Plan

Knowing how to respond in the event of an attack is crucial.

  • Know what actions you must take depending on the type of attack, such as ransomware, phishing, etc.
  • When do you involve the police?
  • When do you involve the NCSC?
  • Companies are legally bound to inform the Information Commissioner's Office (ICO).
  • How and when do you inform insurance companies?

Having a comprehensive plan in place allows for faster response times, which minimises damages and can make the whole process much easier to deal with.

External Vulnerability Scan

An attacker would likely perform reconnaissance across an organisation's public-facing network to identify information leakage and possible routes of attack.

Review all public-facing websites and networks. The aim is to look for vulnerabilities in a similar way to an attacker. From there, any potential weak points can be augmented and fortified.

Advanced Cyber Security Practices

  • Simulated phishing attacks: craft emails with the goal of convincing targets to compromise security. Observe and correct any issues with their response as a part of training.
  • Red Team Exercises: simulated physical and virtual attacks on an organisation. This can provide far deeper insights into problems, vulnerabilities, and overall status of the organisation's security.

For advanced practices, hiring an outside entity of experts is the optimal way of carrying out the most effective testing.

At the Cyber Defence Service, we can run a range of assessments to help secure your organisation. Feel free to contact us, and we can discuss the next steps.
