The National Cyber Security Centre (NCSC) is urging organisations to consult guidance published in response to the recent malicious cyber incidents in Ukraine.
Recent cyber activity in and around Ukraine “fits with the pattern of Russian behaviour previously observed, including in the damaging NotPetya incident, and UK organisations are being urged to bolster their cyber security resilience in response to the malicious cyber incidents in and around Ukraine”, the NCSC said.
No current threats to the UK have been identified, but guidance will allow organisations to build resilience and stay ahead of any potential threat, the NCSC said.
The guidance encourages organisations to follow actionable steps that reduce the risk of falling victim to an attack, including:
- patching systems;
- improving access controls and enabling multi-factor authentication;
- implementing an effective incident response plan;
- checking that backups and restore mechanisms are working;
- ensuring that online defences are working as expected; and
- keeping up to date with the latest threat and mitigation information.
The guidance, which is primarily aimed at larger organisations, also advises organisations that fall victim to a cyber attack to report the incident to the NCSC’s 24/7 incident management team.
Paul Chichester, NCSC director of operations, said: “The NCSC is committed to raising awareness of evolving cyber threats and presenting actionable steps to mitigate them. While we are unaware of any specific cyber threats to UK organisations in relation to events in Ukraine, we are monitoring the situation closely and it is vital that organisations follow the guidance to ensure they are resilient.
“Over several years, we have observed a pattern of malicious Russian behaviour in cyberspace. Last week’s incidents in Ukraine bear the hallmarks of similar Russian activity we have observed before.”
Don’t miss out on BIM and digital construction news: sign up to receive the BIMplus newsletter.