British organisations have been warned by GCHQ to bolster their digital defences due to “malicious” cyber incidents in Ukraine.
The National Cyber Security Centre (NCSC), which is part of GCHQ has updated its guidance to UK firms and groups and said it is is investigating the recent reports of “malicious cyber incidents in Ukraine”.
The NCSC said it had not identified any current threats to the UK, but noted its updated guidance would allow organisations “to build resilience and stay ahead of potential threats”.
The centre’s director of operations, Paul Chichester, said: “The NCSC is committed to raising awareness of evolving cyber threats and presenting actionable steps to mitigate them.
“While we are unaware of any specific cyber threats to UK organisations in relation to events in Ukraine, we are monitoring the situation closely and it is vital that organisations follow the guidance to ensure they are resilient.
“Over several years, we have observed a pattern of malicious Russian behaviour in cyberspace. Last week’s incidents in Ukraine bear the hallmarks of similar Russian activity we have observed before.”
The updated guidance encourages organisations to reduce the risk of falling victim to a cyber attack by taking “actionable” steps, which are:
- patching systems;
- improving access controls and enabling multi-factor authentication;
- implementing an effective incident response plan;
- checking that backups and restore mechanisms are working;
- ensuring that online defences are working as expected, and;
- keeping up to date with the latest threat and mitigation information.
Those organisations who do fall victim to a cyber attack are asked to report the incident to the NCSC’s incident management team.