The crisis in Ukraine has prompted the Ministry of Defence (MOD) to remind its partners and the defence supply chain to revisit the strength of their cyber security in readiness for any potential attack from Russia.

Russia has a reputation for carrying out cyber-attacks and a number of leading organisations have updated their guidance in light of the escalating Russian military campaign.

The message comes from Director General Commercial at the MOD, Andrew Forzani, who has highlighted a number of key organisations’ recent guidance updates and recommended reiterating the importance of cyber vigilance across all levels of operation.

While the warning has come from the MOD, the threat posed is one that could potentially affect every business in the UK and Russia may seek to disrupt supply chains and attack critical infrastructure.

The National Cyber Security Centre (NCSC)

The National Cyber Security Centre (NCSC) has updated its guidance to UK companies and organisations and is urging UK organisations to bolster their cyber security resilience in response to the recent reports of malicious cyber incidents in and around Ukraine.

The NCSC is investigating these recent reports, which follow a similar pattern of Russian behaviour seen in previous situations such as the NotPetya attack in 2017 and cyber-attacks against Georgia.

What does the NCSC advise?

While the NCSC has stated it has no knowledge of any current specific threats to UK organisations in relation to the situation in Ukraine, organisations are being encouraged to take steps that will reduce the risk of their falling victim to an attack.

These include:

Patching systems 

Involves the introduction of software and operating system updates that successfully identifies and contends with any security vulnerabilities within a programme.

Improving access controls and enabling multi-factor authentication 

Multi-factor authentication, or two factor authentication as it has become more commonly known by the general public in recent years, involves the identification verification of a user using two or more pieces of evidence.

Implementing an effective incident response plan 

Quite simply, an incident response plan is a document that details an organisations procedure, responsibilities, and step by step moves when an incident occurs.

Checking back-ups and restore mechanisms are working 

Again, rather simplistically, backup and restore process are the concept of creating copies of data to ensure they are protected against accidental, or, in the case of cyber-attacks, malicious deletion or corruption. Recovery, meanwhile, refers to the process of restoring said data.

Protecting the supply chain

The CPNI (The Centre for the Protection of National Infrastructure) have also provided guidance to those organisations whose supply chain may be directly or indirectly targeted during the political instability and conflict.

The advice is to increase resilience against the threat by optimising supply chain defences, incident management and business continuity capability.

A number of areas could be used to disrupt the supply chain with cyber providing a significant threat.

The CPNI warn that an attack on cyber infrastructure could be carried out to undermine confidence in your organisation, create disruption or gain insight into business activity which enables further disruptive activity such as the exploitation of insiders.

Russia or other cyber criminals could also potentially use methods such as ransomware, which may impact your organisation even if it wasn’t the original intention.

The CPNI recommends a number of measures to combat the threat.

These include:

• Having visibility of your organisations’ high-risk and critical suppliers, including those who need to become more security mature
• Checking if you have given system administration rights to any supplier(s). If so, investigate to see if it is essential to fulfil their task
• Provide suppliers with only the access to information that is strictly necessary for their operation. Remember to revoke access rights for those suppliers that no longer require access

How can cyber accreditation help my business?

Cyber Essentials is a government-backed, industry-supported scheme. It helps businesses win more public sector contracts, by ensuring that they comply with mandatory requirements for cyber security. 

It is the UK Government’s answer to a safer internet space for organisations of all sizes, across all sectors. Developed and operated by the National Cyber Security Centre (NCSC), Cyber Essentials is considered the best first step to a more secure network, protecting you from 80% of the most basic cyber security breaches.

To find out more how gaining a Cyber Essentials certification can help your business demonstrate their credentials as trustworthy and secure when it comes to cyber security, click here.