Following Russia’s attack on Ukraine, the National Cyber Security Centre has placed the cyber threat in the UK as “heightened”.
The cyber challenge becomes increasingly complex as the hacktivists group Anonymous have become involved. Anonymous has apparently hacked into Russia’s media censorship agency and released 340,000 files in the latest undermining of Putin’s war media campaign.
The reality is that there is an ongoing information and disinformation war. So, what we can actually believe in is uncertain.
Ever since the widespread adoption of the internet, there have been periods of time where businesses have faced increased cyber risk. Some examples within the last 5 years include the WannaCry ransomware attacks in 2017 and the SolarWinds malware attack in 2020. With Russian’s recent assault on Ukraine, the UK has entered another period of increased cyber risk. Currently there have been no known attacks on UK businesses, however the National Cyber Security Centre (NCSC) has provided guidance for UK businesses to improve their security posture in response to the increased cyber risk. In this article we discuss the potential risks facing businesses, and what they can do to remain vigilant and reduce the chance of falling victim to an attack.
Potential risks businesses face
Businesses are constantly at risk of falling victim to a cyberattack. In 2021, 4 in 10 UK businesses reported having cybersecurity breaches or attacks, with phishing attacks being most common.
With the current state of heightened cyber risk, businesses are more likely to become collateral damage as targeted malware spreads to other businesses. This was the case with the 2017 NotPetya ransomware attacks. During this time, Russia targeted Ukraine’s financial, energy and government institutions with an advanced ransomware. Due to the indiscriminate design of the ransomware, it also spread to machines in the United States, United Kingdom, Australia, and many other countries. It is possible a similar scenario could play out, and for this reason, businesses should take steps to improve their security posture.
What else businesses can do to remain vigilant
The NCSC has provided a list of actions that they recommend organisations to ensure basic cybersecurity hygiene controls are in place and functioning properly.
This guidance is essential for all businesses, however there is more that businesses can do to bolster their security posture. We recommend that all businesses deploy additional security features regarding email security, backups and disaster recovery and employee education and awareness.
As email is the number one attack vector, it is essential that businesses do everything they can to decrease the chance of falling victim to a phishing attack. There are many ways that cybercriminals use email to launch a cyberattack, however thankfully a comprehensive email security solution can stop malicious emails before they even land in an employee’s inbox. Businesses should always seek email security solutions that also include URL and attachment protection to thwart business email compromise attacks.
It should also be noted that during periods of unrest, it is common to see phishing attacks link to malicious websites masquerading as news sites, or even charity donation sites. A comprehensive email security solution should stop these, however it is important that employees are educated on common cyberattacks and scams to reduce the chance of falling victim to an attack, both at work and at home.
Employee Education and Awareness
There are many software solutions designed to stop cyberattacks in their tracks, however a key component of how businesses can remain vigilant in periods of increased global cyber risk is by providing their employees with cybersecurity training. Cybersecurity training encourages employees to understand the cybersecurity threat landscape, how to identify security risks and the process of reporting potential cyberattacks or poor security practices. Effective cybersecurity training can decrease the chance of a business falling victim to a cyberattack, whilst developing a positive security culture within a business.
As all employees have some level of access to company data, they all play a role in protecting the business from a cyberattack. When designing cybersecurity training, businesses must cover enough information to give employees the tools required to identify potential attacks, without going into too much detail and confusing the audience. Some topics that should be covered include phishing attacks, social engineering attacks, password hygiene and how to stay secure whilst hybrid working.
Backup and Disaster Recovery
As the most likely scenario is a widescale ransomware attack, it is essential that businesses have a tried and tested method of disaster recovery. Even if a business does pay the ransom after falling victim to an attack, typically they can only recover 65% of their data. In order for businesses to limit the downtime after an attack and increase the likelihood of being able to recover 100% of their data, they should make use of a comprehensive backup solution. Data should be backed up on a frequent, regular basis, with copies stored offsite to ensure they cannot be affected by ransomware. These backups should also form part of a larger disaster and incident recovery plan.
Actions to take
1. Ensure your network and computers are fully patched
2. Verify Access controls
3. Ensure defences are working
4. Logging and monitoring
5. Review your backups
6. Incident planning
7. Check your internet footprint
8. Phishing response
9. Brief your company on the risks.
How we can help
Although the world is in a period of increased global cyber risk, there is not need for businesses to panic. It is most important that all businesses implement the basic cybersecurity hygiene controls recommended by the NCSC.
If your business has not previously considered their security posture, or if your business is looking to ramp up their security, contact us today and we will be happy to help you stay secure.
• Managed IT services
• Cyber Essentials accreditation including Cyber essentials +
• Managed Firewall Services
• Microsoft security services