National Cyber Security Centre (NCSC) warns UK organisations to bolster their cyber resilience

Following the distressing news of Russia’s invasion of Ukraine, Lindy Cameron, CEO of the National Cyber Security Centre (NCSC) has advised all UK organisations to bolster their cybersecurity resilience. This urgent update comes in response to the recent, malicious cyber incidents happening in and around Ukraine.

Don’t bury your head in the sand

National Cyber Security Centre (NCSC) CEO, Lindy Cameron authors a Sunday Telegraph article detailing the cyber risks of the Ukrainian war, with a direct message to business leaders:

“I’m sure there will be business leaders across the country who think: “It’s too complicated.” Unfortunately, for businesses today, cyber security is essential.

Given the potential impact that breaches can have, all business leaders must take this threat seriously – or risk significant business impact.”

This guide enables business leaders to understand the key facts and how the escalated cyber threats affect UK organisations:

• What’s happening?
• How does it affect UK organisations?
• What is government advice to UK business leaders?
• What should I do next?
• What are we doing?

What’s happening?

Ukrainian government, banks, infrastructure, and individuals are simultaneously being targeted by state-sponsored, Russian cyberattacks. Their aim: to cause disruption and limit communications. So far, it has caused:

• Severe internet disruption in Ukraine.
  
  
• 70 attempts to deface Ukrainian government websites, ten being successful.
  
  
• Distributed Denial-of-Service (DDoS) attacks targeted at Ukraine’s armed forces, defense ministry, public radio, and two large banks. This is where a service or network is brought down due to an overwhelming flood of Internet traffic.
  
  
• Reports of widespread phishing attacks, with the aim to spread malicious software across private and public sector networks.

These cyberattacks are sophisticated and persistent. It has led to the Ukraine government deploying an 'IT army' to counter Russian cyber warfare, with EU counterparts helping in this hybrid war. As the situation in Ukraine continues to escalate, so does the risk of these attacks spreading further afield.

How does it affect UK organisations?

Government and security bodies anticipate more cyberattacks, with UK organisations potentially being caught in the conflict. While it is impossible to predict how this conflict might affect UK organisations, your existing security measures should be reassessed. 

Cyberattacks do not respect geographic boundaries. An attack does not have to be directly aimed at your organisation for you to feel the impact. An attack inside a complex supply chain could seriously affect your organisation’s operations.

In the same Sunday Telegraph article, NCSC CEO, Lindy Cameron, explained the relevance of the attacks to small UK organisations:

• The UK is closer to the crisis in Ukraine than you might think - cyberattacks do not respect international boundaries.
  
  
• Russia has a history of carrying out disruptive or destructive cyberattacks, with international impact.
  
  
• Targeted malware could “spiral recklessly out control to affect many other countries, including the UK.”

What’s government advice to UK business leaders?

NCSC CEO, Lindy Cameron has advised the following guidance:

• Accelerate your plans to raise your cyber resilience for longer-term security and prosperity.
  
  
• Get proportionate cybersecurity for your business size.
  
  
• Ensure your systems are patched.
  
  
• Check your back-ups.
  
  
• Implement effective incident response plans.
  
  
• Follow NCSC cybersecurity guidelines following Russia's attack on Ukraine.

What should I do next?

I can’t stress enough, now is the time to reassess your cybersecurity. 

I highly recommend proactively raising the base level of security as a matter of urgency to:

• Prioritise necessary cybersecurity work.
  
  
• Give your organisation the best chance of preventing a cyberattack when it may be more likely, and recover quickly if it happens.
   

suggested plan of action:

1. Follow NCSC guidance

As per NCSC advice, develop a continuous improvement strategy – the following steps offer further guidance on what this might look like.

2. Audit your current cybersecurity

A security audit will pinpoint areas of weakness in your organisation. To help in these extraordinary circumstances, we are offering a complimentary security audit to local businesses and clients.

I welcome you to get in touch or book a no-obligation meeting in my diary. I am happy to offer guidance on best practices and discuss the most appropriate and cost-effective steps to bolster your cybersecurity resilience.

3. Consider your cybersecurity options. 

If you are worried about your resilience, there are a number of options you can take:

Enhanced Cybersecurity Package

While we offer Core cybersecurity as part of our IT support package, the core service is designed for start-ups and only includes essential controls. The Enhanced Cybersecurity package is the level of security we would recommend and would ensure your business meets NCSC current guidelines. The Enhanced Package includes:

Employee security awareness training: Formal education of security to non-technical employees to understand their responsibilities and signs of malicious activity.

Phishing simulations: Train and test employees to identify and report email scams.

Dark web monitoring: Have your details been stolen? We find personal, business and banking details associated with your organisation that is for sale on the black market.

Endpoint detection: and response Continuous monitoring and response to advanced threats.

Disaster recovery testing: Test your disaster recovery plan and be assured that your data can be recovered after a flood, fire or cyberattack. *As recommended by the NCSC in the latest guidance

Cyber Essentials Accreditation

Cyber Essentials is a government-backed cybersecurity framework, designed to help organisations of any size to implement a simple yet effective security framework. Cyber Essentials protects organisations against the vast majority of cyberattacks. Cyber Essentials is the level of security government recommends to all organisations. We highly recommend that every organisation works towards this level of cybersecurity.

We can help you to pass Cyber Essentials, taking on the hard work and guiding you through the process. Our aim is to provide a hassle-free experience with easy, predictable budgeting. Get in touch if you want to find out more.

IASME Governance Certification

IASME Governance is a higher standard certification, one step higher than Cyber Essentials. It is designed for small/medium companies to demonstrate a good level of cybersecurity to their supply chain. It was developed in the UK as an affordable alternative to the international standard, ISO 27001.

The IASME Governance standard indicates that an organisation is taking good steps to properly protect their customers’ information and incorporates both Cyber Essentials assessment and GDPR requirements.

ISO 27001

The internationally-recognised Information Security Management System Standard, ISO 27001, demonstrates a full commitment to security and often helps organisations meet contractual security requirements. For a small business, this certification is a substantial commitment but is achievable. View our ISO 27001 case study. 

4. Remind your staff to remain vigilant against cyberthreats

Ensure your team understands the situation and the heightened threat. Remind employees of the role they play in keeping you secure, including to:

Be aware of email spam:

Employees should actively look out for indicators of potential email compromise attacks.  

Be skeptical:

Last-minute changes in wiring instructions or recipient account information must be verified.

Double-check web addresses:

Ensure the URL in the email is associated with the business it claims to be from.

URL mis-spellings:

Be alert to misspelled hyperlinks in the actual domain name.

Security updates:

Ensure users have updated their systems and applications to the latest release which typically includes the latest security enhancements. Accept security updates and restart your computer once a week.

Report incidents:

Ensure everyone knows how to report suspected security events and why reporting during a period of heightened threat is so important.

Ongoing cybersecurity training

Ongoing cybersecurity awareness training is the best means of encouraging a security culture in your organisation. This is included in our Enhanced Cybersecurity Package, to provide consistent training and awareness amongst all levels of staff.

What are we doing?

• We are in active communication with all our technology partners to exchange real-time threat intelligence.
  
  
• We are also conducting ongoing audits of our infrastructure and processes to ensure our defenses against possible exploitation from Russian state-sponsored threat actors.
   
• The protection of your organisation is our number one priority, and we will update and advise you as circumstances necessitate. 
  
  
• Offering a security audit and access to our cybersecurity experts to discuss your cybersecurity.
  
  
• We are raising the security thresholds on our managed firewall to reflect the increased risk from Eastern Europe.

Here to help

The easiest way to address your organisation’s cybersecurity concerns is by booking time with me to discuss your security. I welcome you to get in touch or book a no-obligation meeting in my diary. I will be happy to offer best practice guidance, and find cost-effective steps to bolster your cybersecurity resilience.